X-Original-To: alpine-aports@lists.alpinelinux.org Received: from mx0.jmt.gr (mx0.jmt.gr [81.7.7.41]) by lists.alpinelinux.org (Postfix) with ESMTP id 279245C442F for ; Mon, 21 Nov 2016 14:03:18 +0000 (GMT) Received: from localhost.localdomain (unknown [IPv6:2a02:1b8:9:a551:d175:75a3:c4f8:f91a]) by mx0.jmt.gr (Postfix) with ESMTPSA id AA50981506; Mon, 21 Nov 2016 14:03:16 +0000 (GMT) From: Johannes Matheis To: alpine-aports@lists.alpinelinux.org Cc: Johannes Matheis Subject: [alpine-aports] [PATCH] community/wireguard: new aport Date: Mon, 21 Nov 2016 14:03:02 +0000 Message-Id: <20161121140302.12183-1-jomat+alpinebuild@jmt.gr> X-Mailer: git-send-email 2.10.2 X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: https://www.wireguard.io/ WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography --- community/wireguard/APKBUILD | 66 ++++++++++++++++++++++++++++++++++ community/wireguard/README.alpine | 36 +++++++++++++++++++ community/wireguard/wg_example.conf | 7 ++++ community/wireguard/wireguard.ifupdown | 45 +++++++++++++++++++++++ 4 files changed, 154 insertions(+) create mode 100644 community/wireguard/APKBUILD create mode 100644 community/wireguard/README.alpine create mode 100644 community/wireguard/wg_example.conf create mode 100755 community/wireguard/wireguard.ifupdown diff --git a/community/wireguard/APKBUILD b/community/wireguard/APKBUILD new file mode 100644 index 0000000..78d56cf --- /dev/null +++ b/community/wireguard/APKBUILD @@ -0,0 +1,66 @@ +# Contributor: Johannes Matheis +# Maintainer: Johannes Matheis +pkgname=wireguard +pkgver=0.0.20161116.1 +pkgrel=0 +pkgdesc="WireGuard is an extremely simple yet fast and modern VPN that utilizes state-of-the-art cryptography" +url="https://www.wireguard.io/" +arch="all" +license="GPL" +depends="" +makedepends="linux-headers linux-grsec-dev libmnl-dev" +install="" +subpackages="$pkgname-doc $pkgname-tools $pkgname-kmod" +source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-experimental-${pkgver}.tar.xz + wireguard.ifupdown + README.alpine + wg_example.conf" +builddir="$srcdir/WireGuard-experimental-${pkgver}/src/" + +prepare() { + local i + cd "$builddir" + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done +} + +build() { + cd "$builddir" + make KCFLAGS=-fno-pie || return 1 +} + +package() { + depends="wireguard-tools wireguard-module" + cd "$builddir" + make DESTDIR="$pkgdir" INSTALL_MOD_PATH="$pkgdir" install || return 1 + install -D -m600 $srcdir/wg_example.conf $pkgdir/usr/share/doc/wireguard/wg_example.conf || return 1 + install -D -m644 $srcdir/README.alpine $pkgdir/usr/share/doc/wireguard/README.alpine || return 1 +} + +tools() { + install -d -m700 $subpkgdir/etc/wireguard || return 1 + install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-pre-up.d/wireguard || return 1 + install -D -m755 $srcdir/wireguard.ifupdown $subpkgdir/etc/network/if-post-down.d/wireguard || return 1 + mv $pkgdir/usr $subpkgdir +} + +kmod() { + install -d -m755 $subpkgdir + mv $pkgdir/lib $subpkgdir +} + +md5sums="031f76e990a649b6ab0185ad9848f88c WireGuard-experimental-0.0.20161116.1.tar.xz +fa5fff08d09f53469ee0380b75b1ebc1 wireguard.ifupdown +f0c50dbbed58dbf7ff823da41427f65a README.alpine +b3e9f999dbaf32d063a75479e9ebbc87 wg_example.conf" +sha256sums="730d9d919e1942cf83e59dcb8c6ee6ac6696c62ce363c4802474774a5db8238d WireGuard-experimental-0.0.20161116.1.tar.xz +da6b51d3b78daf67069b24eb43c968b50eb3e39bcb0d23c192540ff6cbe02fef wireguard.ifupdown +59104dd25feaaf2a59d126bdae038a3a92317a18daa5be363d96e97426e0885a README.alpine +549c94588eb42656c6af7e84c1e4a2011f202500a95a6e520042ab6cbf32debf wg_example.conf" +sha512sums="abfe4e973ea5f829e90c929994f359fcc814a72d8fd92274a0921d5756ecee8b1c8e3a7b0d97947ae37915f4c7437c1cdee59ff88dc53d124fbb1a6d1f22e8d8 WireGuard-experimental-0.0.20161116.1.tar.xz +582d451969c7987af5af3682ed672b9734ccb033362c0b0bbd80f49f28ef241efb3c4e4a1dfe8ee1d58b24ce1cdbbc74c6342d48a89b749e4b3aa6a10931d9cb wireguard.ifupdown +7d3cd33eaf0cfe1b4514aa665288a441a356ffd4d042e68c72b0bd6a0b8ab7b7ab5e195471b286a28e6613fe0a7fd507bf19c6db563e123da07dcaee4ca71647 README.alpine +9e6ce4d394d606e5d5485bd746f00de17eab42c939e9b7173ef7237003e43f4a5586634a6425fe8d3f473bf72131d60f9ed30f4dc9a65bd244b1e08a06575ce0 wg_example.conf" diff --git a/community/wireguard/README.alpine b/community/wireguard/README.alpine new file mode 100644 index 0000000..cacfaed --- /dev/null +++ b/community/wireguard/README.alpine @@ -0,0 +1,36 @@ +Using the experimental WireGuard VPN and encrypted network tunnel +================================================================== + +WireGuard is still in experimental stages. Please use caution! + +Check https://www.wireguard.io/ for information that isn't +specific to Alpine Linux. + + +Configure wireguard interfaces in /etc/network/interfaces: + +iface wg_example inet static + wg_config /etc/wireguard/wg_example.conf + wg_update_conf false + address 10.23.42.1 + netmask 255.255.255.0 + [...] + + +Any interface names starting with 'wg' will be treated as +wireguard interfaces. To use a different name, set at least +one of the optional wg_ variables: + +wg_config + Defaults to /etc/wireguard/$IFNAME.conf + Specifies a different config file for the tunnel, see + also wg_example.conf + +wg_update_conf + Defaults to false + Update config file upon taking down the interface + This can be useful for roaming endpoints + +wg_ignore + Default to false + Set to true if this isn't a wireguard interface diff --git a/community/wireguard/wg_example.conf b/community/wireguard/wg_example.conf new file mode 100644 index 0000000..fbaac19 --- /dev/null +++ b/community/wireguard/wg_example.conf @@ -0,0 +1,7 @@ +[Interface] +PrivateKey = yAnz5TF+lXXJte14tji3zlMNq+hd2rYUIgJBgB3fBmk= +ListenPort = 41414 + +[Peer] +PublicKey = xTIBA5rboUvnH4htodjb6e697QjLERt1NAB4mZqp8Dg= +AllowedIPs = 10.192.122.3/32, 10.192.124.1/24 diff --git a/community/wireguard/wireguard.ifupdown b/community/wireguard/wireguard.ifupdown new file mode 100755 index 0000000..3509977 --- /dev/null +++ b/community/wireguard/wireguard.ifupdown @@ -0,0 +1,45 @@ +#!/bin/sh +IP=/sbin/ip +WG=/usr/bin/wg +MV=/bin/mv +MKTEMP=/bin/mktemp + +case ${IF_WG_IGNORE} in + yes|true|1) exit 0;; +esac + +if [ "${IFACE#wg*}" == "$IFACE" \ + -a -z "${IF_WG_CONFIG}" \ + -a -z "${IF_WG_UPDATE_CONF}" \ + -a -z "${IF_WG_IGNORE}" ] +then + exit 0 +fi + +: ${IF_WG_CONFIG:=/etc/wireguard/${IFACE}.conf} + +case ${PHASE} +in + pre-up) + if [ ! -f ${IF_WG_CONFIG} ] + then + echo "WireGuard config file ${IF_WG_CONFIG} not found." >&2 + exit 1 + fi + ${IP} link add dev ${IFACE} type wireguard + ${WG} setconf ${IFACE} ${IF_WG_CONFIG} + ;; + post-down) + case ${IF_WG_UPDATE_CONF} + in + yes|true|1) + echo "Updating ${IF_WG_CONFIG}" + umask 077 + TMPFILE=$(${MKTEMP}) + ${WG} showconf ${IFACE} > ${TMPFILE} + ${MV} ${TMPFILE} ${IF_WG_CONFIG} + ;; + esac + ${IP} link del dev ${IFACE} + ;; +esac -- 2.10.2 --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---