wg: add systemd unit and auto-detection
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
This commit is contained in:
parent
7c202eb5fc
commit
6b940830e9
5 changed files with 66 additions and 31 deletions
|
@ -1,5 +0,0 @@
|
||||||
Until WireGuard receives full integration to the various network
|
|
||||||
management utilities, there are a number of ways of setting up
|
|
||||||
a WireGuard tunnel at boot time. This systemd unit file is one
|
|
||||||
such way of doing things. Probably it should be tweaked before
|
|
||||||
using.
|
|
|
@ -1,15 +0,0 @@
|
||||||
[Unit]
|
|
||||||
Description=WireGuard Server
|
|
||||||
|
|
||||||
[Service]
|
|
||||||
Type=oneshot
|
|
||||||
RemainAfterExit=yes
|
|
||||||
ExecStart=/bin/ip link add dev wgserver type wireguard
|
|
||||||
ExecStart=/bin/ip address add 192.168.177.1/24 dev wgserver
|
|
||||||
ExecStart=/usr/bin/wg setconf wgserver /etc/wireguard-server.conf
|
|
||||||
ExecStart=/bin/ip link set up dev wgserver
|
|
||||||
ExecStop=/bin/sh -c 'umask 077; /usr/bin/wg showconf wgserver > /etc/wireguard-server.conf.tmp && mv /etc/wireguard-server.conf.tmp /etc/wireguard-server.conf'
|
|
||||||
ExecStop=/bin/ip link del dev wgserver
|
|
||||||
|
|
||||||
[Install]
|
|
||||||
WantedBy=multi-user.target
|
|
17
src/INSTALL
17
src/INSTALL
|
@ -14,15 +14,17 @@ This command takes into account several environment variables:
|
||||||
* RUNSTATEDIR default: /var/run
|
* RUNSTATEDIR default: /var/run
|
||||||
* PKG_CONFIG default: pkg-config
|
* PKG_CONFIG default: pkg-config
|
||||||
|
|
||||||
* WITH_BASHCOMPLETION default: yes
|
* WITH_BASHCOMPLETION default: [auto-detect]
|
||||||
* WITH_WGQUICK default: yes
|
* WITH_WGQUICK default: [auto-detect]
|
||||||
|
* WITH_SYSTEMDUNITS default: [auto-detect]
|
||||||
|
|
||||||
The first section is rather standard. The second section is not:
|
The first section is rather standard. The second section is not:
|
||||||
|
|
||||||
* WITH_BASHCOMPLETION decides whether or not bash completion files for the
|
* WITH_BASHCOMPLETION decides whether or not bash completion files for the
|
||||||
tools are installed. This is just a nice thing for people who have bash.
|
tools are installed. This is just a nice thing for people who have bash.
|
||||||
If you don't have bash, or don't want this, set the environment variable
|
If you don't have bash, or don't want this, set the environment variable
|
||||||
to `no'.
|
to `no'. If you'd like to force its use, even if bash-completion isn't
|
||||||
|
detected in DESTDIR, then set it to `yes'.
|
||||||
|
|
||||||
* WITH_WGQUICK decides whether or not the wg-quick(8) script is installed.
|
* WITH_WGQUICK decides whether or not the wg-quick(8) script is installed.
|
||||||
This is a very quick and dirty bash script for reading a few extra
|
This is a very quick and dirty bash script for reading a few extra
|
||||||
|
@ -31,4 +33,11 @@ The first section is rather standard. The second section is not:
|
||||||
this at all. Likewise, if you already have a working network management
|
this at all. Likewise, if you already have a working network management
|
||||||
tool or configuration, you probably want to integrate wg(8) or the direct
|
tool or configuration, you probably want to integrate wg(8) or the direct
|
||||||
WireGuard API into your network manager, rather than using wg-quick(8).
|
WireGuard API into your network manager, rather than using wg-quick(8).
|
||||||
But for folks who like simple quick&dirty scripts, this is nice.
|
But for folks who like simple quick&dirty scripts, this is nice. If you'd
|
||||||
|
like to force its use, even if bash isn't detected in DESTDIR, then set it
|
||||||
|
to `yes'.
|
||||||
|
|
||||||
|
* WITH_SYSTEMDUNITS decides whether or not systemd units are installed for
|
||||||
|
wg-quick(8). If you don't use systemd, you certainly don't want this, and
|
||||||
|
should set it to `no'. If systemd isn't auto-detected, but you still would
|
||||||
|
like to install it, set this to `yes'.
|
||||||
|
|
41
src/Makefile
41
src/Makefile
|
@ -1,13 +1,34 @@
|
||||||
|
PKG_CONFIG ?= pkg-config
|
||||||
PREFIX ?= /usr
|
PREFIX ?= /usr
|
||||||
DESTDIR ?=
|
DESTDIR ?=
|
||||||
BINDIR ?= $(PREFIX)/bin
|
BINDIR ?= $(PREFIX)/bin
|
||||||
LIBDIR ?= $(PREFIX)/lib
|
LIBDIR ?= $(PREFIX)/lib
|
||||||
MANDIR ?= $(PREFIX)/share/man
|
MANDIR ?= $(PREFIX)/share/man
|
||||||
BASHCOMPDIR ?= $(PREFIX)/share/bash-completion/completions
|
BASHCOMPDIR ?= $(PREFIX)/share/bash-completion/completions
|
||||||
|
SYSTEMDUNITDIR ?= $(shell $(PKG_CONFIG) --variable=systemdsystemunitdir systemd 2>/dev/null || echo "$(PREFIX)/lib/systemd/system")
|
||||||
RUNSTATEDIR ?= /var/run
|
RUNSTATEDIR ?= /var/run
|
||||||
PKG_CONFIG ?= pkg-config
|
WITH_BASHCOMPLETION ?=
|
||||||
WITH_BASHCOMPLETION ?= yes
|
WITH_WGQUICK ?=
|
||||||
WITH_WGQUICK ?= yes
|
WITH_SYSTEMDUNITS ?=
|
||||||
|
|
||||||
|
ifeq ($(WITH_BASHCOMPLETION),)
|
||||||
|
ifneq ($(strip $(wildcard $(DESTDIR)$(BASHCOMPDIR))),)
|
||||||
|
WITH_BASHCOMPLETION := yes
|
||||||
|
endif
|
||||||
|
endif
|
||||||
|
ifeq ($(WITH_WGQUICK),)
|
||||||
|
ifneq ($(strip $(wildcard $(DESTDIR)$(BINDIR)/bash)),)
|
||||||
|
WITH_WGQUICK := yes
|
||||||
|
endif
|
||||||
|
ifneq ($(strip $(wildcard $(DESTDIR)/bin/bash)),)
|
||||||
|
WITH_WGQUICK := yes
|
||||||
|
endif
|
||||||
|
endif
|
||||||
|
ifeq ($(WITH_SYSTEMDUNITS),)
|
||||||
|
ifneq ($(strip $(wildcard $(DESTDIR)$(SYSTEMDUNITDIR))),)
|
||||||
|
WITH_SYSTEMDUNITS := yes
|
||||||
|
endif
|
||||||
|
endif
|
||||||
|
|
||||||
CFLAGS ?= -O3
|
CFLAGS ?= -O3
|
||||||
CFLAGS += -std=gnu11
|
CFLAGS += -std=gnu11
|
||||||
|
@ -30,10 +51,16 @@ clean:
|
||||||
install: wg
|
install: wg
|
||||||
@install -v -d "$(DESTDIR)$(BINDIR)" && install -m 0755 -v wg "$(DESTDIR)$(BINDIR)/wg"
|
@install -v -d "$(DESTDIR)$(BINDIR)" && install -m 0755 -v wg "$(DESTDIR)$(BINDIR)/wg"
|
||||||
@install -v -d "$(DESTDIR)$(MANDIR)/man8" && install -m 0644 -v wg.8 "$(DESTDIR)$(MANDIR)/man8/wg.8"
|
@install -v -d "$(DESTDIR)$(MANDIR)/man8" && install -m 0644 -v wg.8 "$(DESTDIR)$(MANDIR)/man8/wg.8"
|
||||||
@[ "$(WITH_BASHCOMPLETION)" = "yes" ] && install -v -d "$(BASHCOMPDIR)" && install -m 0644 -v completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg"
|
@[ "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \
|
||||||
@[ "$(WITH_WGQUICK)" = "yes" ] && install -m 0755 -v wg-quick.bash "$(DESTDIR)$(BINDIR)/wg-quick"
|
install -v -d "$(DESTDIR)$(BASHCOMPDIR)" && install -m 0644 -v completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg"
|
||||||
@[ "$(WITH_WGQUICK)" = "yes" ] && install -m 0644 -v wg-quick.8 "$(DESTDIR)$(MANDIR)/man8/wg-quick.8"
|
@[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \
|
||||||
@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_BASHCOMPLETION)" = "yes" ] && install -m 0644 -v completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg-quick"
|
install -m 0755 -v wg-quick.bash "$(DESTDIR)$(BINDIR)/wg-quick"
|
||||||
|
@[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \
|
||||||
|
install -m 0644 -v wg-quick.8 "$(DESTDIR)$(MANDIR)/man8/wg-quick.8"
|
||||||
|
@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \
|
||||||
|
install -m 0644 -v completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg-quick"
|
||||||
|
@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_SYSTEMDUNITS)" = "yes" ] || exit 0; \
|
||||||
|
install -v -d "$(DESTDIR)$(SYSTEMDUNITDIR)" && install -m 0644 -v wg-quick@.service "$(DESTDIR)$(SYSTEMDUNITDIR)/wg-quick@.service"
|
||||||
|
|
||||||
check: clean
|
check: clean
|
||||||
CFLAGS=-g scan-build --view --keep-going $(MAKE) wg
|
CFLAGS=-g scan-build --view --keep-going $(MAKE) wg
|
||||||
|
|
19
src/wg-quick@.service
Normal file
19
src/wg-quick@.service
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
[Unit]
|
||||||
|
Description=WireGuard via wg-quick(8) for %I
|
||||||
|
After=network-online.target
|
||||||
|
Wants=network-online.target
|
||||||
|
Documentation=man:wg-quick(8)
|
||||||
|
Documentation=man:wg(8)
|
||||||
|
Documentation=https://www.wireguard.io/
|
||||||
|
Documentation=https://www.wireguard.io/quickstart/
|
||||||
|
Documentation=https://git.zx2c4.com/WireGuard/about/src/tools/wg-quick.8
|
||||||
|
Documentation=https://git.zx2c4.com/WireGuard/about/src/tools/wg.8
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
RemainAfterExit=yes
|
||||||
|
ExecStart=/usr/bin/wg-quick up %i
|
||||||
|
ExecStop=/usr/bin/wg-quick down %i
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
Loading…
Reference in a new issue