https://www.wireguard.io/
WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography
---
community/wireguard/APKBUILD | 66 ++++++++++++++++++++++++++++++++++
community/wireguard/README.alpine | 36 +++++++++++++++++++
community/wireguard/wg_example.conf | 7 ++++
community/wireguard/wireguard.ifupdown | 45 +++++++++++++++++++++++
4 files changed, 154 insertions(+)
create mode 100644 community/wireguard/APKBUILD
create mode 100644 community/wireguard/README.alpine
create mode 100644 community/wireguard/wg_example.conf
create mode 100755 community/wireguard/wireguard.ifupdown
diff --git a/community/wireguard/APKBUILD b/community/wireguard/APKBUILD
new file mode 100644
index 0000000..78d56cf
--- /dev/null
@@ -0,0 +1,66 @@
+# Contributor: Johannes Matheis <jomat+alpinebuild@jmt.gr>
+# Maintainer: Johannes Matheis <jomat+alpinebuild@jmt.gr>
+pkgname=wireguard
+pkgver=0.0.20161116.1
+pkgrel=0
+pkgdesc="WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography"
+url="https://www.wireguard.io/"
+arch="all"
+license="GPL"
+depends=""
+makedepends="linux-headers linux-grsec-dev libmnl-dev"
+install=""
+subpackages="$pkgname-doc $pkgname-tools $pkgname-kmod"
+source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-experimental-${pkgver}.tar.xz
+ wireguard.ifupdown
+ README.alpine
+ wg_example.conf"
+builddir="$srcdir/WireGuard-experimental-${pkgver}/src/"
+
+prepare() {
+ local i
+ cd "$builddir"
+ for i in $source; do
+ case $i in
+ *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;;
+ esac
+ done
+}
+
+build() {
+ cd "$builddir"
+ make KCFLAGS=-fno-pie || return 1
+}
+
+package() {
+ depends="wireguard-tools wireguard-module"
+ cd "$builddir"
+ make DESTDIR="$pkgdir" INSTALL_MOD_PATH="$pkgdir" install || return 1
+ install -D -m600 $srcdir/wg_example.conf $pkgdir/usr/share/doc/wireguard/wg_example.conf || return 1
+ install -D -m644 $srcdir/README.alpine $pkgdir/usr/share/doc/wireguard/README.alpine || return 1
+}
+
+tools() {
+ install -d -m700 $subpkgdir/etc/wireguard || return 1
+ install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-pre-up.d/wireguard || return 1
+ install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-post-down.d/wireguard || return 1
+ mv $pkgdir/usr $subpkgdir
+}
+
+kmod() {
+ install -d -m755 $subpkgdir
+ mv $pkgdir/lib $subpkgdir
+}
+
+md5sums="031f76e990a649b6ab0185ad9848f88c WireGuard-experimental-0.0.20161116.1.tar.xz
+fa5fff08d09f53469ee0380b75b1ebc1 wireguard.ifupdown
+f0c50dbbed58dbf7ff823da41427f65a README.alpine
+b3e9f999dbaf32d063a75479e9ebbc87 wg_example.conf"
+sha256sums="730d9d919e1942cf83e59dcb8c6ee6ac6696c62ce363c4802474774a5db8238d WireGuard-experimental-0.0.20161116.1.tar.xz
+da6b51d3b78daf67069b24eb43c968b50eb3e39bcb0d23c192540ff6cbe02fef wireguard.ifupdown
+59104dd25feaaf2a59d126bdae038a3a92317a18daa5be363d96e97426e0885a README.alpine
+549c94588eb42656c6af7e84c1e4a2011f202500a95a6e520042ab6cbf32debf wg_example.conf"
+sha512sums="abfe4e973ea5f829e90c929994f359fcc814a72d8fd92274a0921d5756ecee8b1c8e3a7b0d97947ae37915f4c7437c1cdee59ff88dc53d124fbb1a6d1f22e8d8 WireGuard-experimental-0.0.20161116.1.tar.xz
+582d451969c7987af5af3682ed672b9734ccb033362c0b0bbd80f49f28ef241efb3c4e4a1dfe8ee1d58b24ce1cdbbc74c6342d48a89b749e4b3aa6a10931d9cb wireguard.ifupdown
+7d3cd33eaf0cfe1b4514aa665288a441a356ffd4d042e68c72b0bd6a0b8ab7b7ab5e195471b286a28e6613fe0a7fd507bf19c6db563e123da07dcaee4ca71647 README.alpine
+9e6ce4d394d606e5d5485bd746f00de17eab42c939e9b7173ef7237003e43f4a5586634a6425fe8d3f473bf72131d60f9ed30f4dc9a65bd244b1e08a06575ce0 wg_example.conf"
diff --git a/community/wireguard/README.alpine b/community/wireguard/README.alpine
new file mode 100644
index 0000000..cacfaed
--- /dev/null
@@ -0,0 +1,36 @@
+Using the experimental WireGuard VPN and encrypted network tunnel
+==================================================================
+
+WireGuard is still in experimental stages. Please use caution!
+
+Check https://www.wireguard.io/ for information that isn't
+specific to Alpine Linux.
+
+
+Configure wireguard interfaces in /etc/network/interfaces:
+
+iface wg_example inet static
+ wg_config /etc/wireguard/wg_example.conf
+ wg_update_conf false
+ address 10.23.42.1
+ netmask 255.255.255.0
+ [...]
+
+
+Any interface names starting with 'wg' will be treated as
+wireguard interfaces. To use a different name, set at least
+one of the optional wg_ variables:
+
+wg_config
+ Defaults to /etc/wireguard/$IFNAME.conf
+ Specifies a different config file for the tunnel, see
+ also wg_example.conf
+
+wg_update_conf
+ Defaults to false
+ Update config file upon taking down the interface
+ This can be useful for roaming endpoints
+
+wg_ignore
+ Default to false
+ Set to true if this isn't a wireguard interface
diff --git a/community/wireguard/wg_example.conf b/community/wireguard/wg_example.conf
new file mode 100644
index 0000000..fbaac19
--- /dev/null
@@ -0,0 +1,7 @@
+[Interface]
+PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk=
+ListenPort = 41414
+
+[Peer]
+PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg=
+AllowedIPs = 10.192.122.3/32, 10.192.124.1/24
diff --git a/community/wireguard/wireguard.ifupdown b/community/wireguard/wireguard.ifupdown
new file mode 100755
index 0000000..3509977
--- /dev/null
@@ -0,0 +1,45 @@
+#!/bin/sh
+IP=/sbin/ip
+WG=/usr/bin/wg
+MV=/bin/mv
+MKTEMP=/bin/mktemp
+
+case ${IF_WG_IGNORE} in
+ yes|true|1) exit 0;;
+esac
+
+if [ "${IFACE#wg*}" == "$IFACE" \
+ -a -z "${IF_WG_CONFIG}" \
+ -a -z "${IF_WG_UPDATE_CONF}" \
+ -a -z "${IF_WG_IGNORE}" ]
+then
+ exit 0
+fi
+
+: ${IF_WG_CONFIG:=/etc/wireguard/${IFACE}.conf}
+
+case ${PHASE}
+in
+ pre-up)
+ if [ ! -f ${IF_WG_CONFIG} ]
+ then
+ echo "WireGuard config file ${IF_WG_CONFIG} not found." >&2
+ exit 1
+ fi
+ ${IP} link add dev ${IFACE} type wireguard
+ ${WG} setconf ${IFACE} ${IF_WG_CONFIG}
+ ;;
+ post-down)
+ case ${IF_WG_UPDATE_CONF}
+ in
+ yes|true|1)
+ echo "Updating ${IF_WG_CONFIG}"
+ umask 077
+ TMPFILE=$(${MKTEMP})
+ ${WG} showconf ${IFACE} > ${TMPFILE}
+ ${MV} ${TMPFILE} ${IF_WG_CONFIG}
+ ;;
+ esac
+ ${IP} link del dev ${IFACE}
+ ;;
+esac
--
2.10.2
---
Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org
Help: alpine-aports+help@lists.alpinelinux.org
---