diff --git a/net/Makefile b/net/Makefile index 33a3a146edc1..909911c1b6ea 100644 --- a/net/Makefile +++ b/net/Makefile @@ -1527,9 +1527,9 @@ SUBDIR += webalizer-geodb SUBDIR += whois SUBDIR += widentd - SUBDIR += wireguard SUBDIR += wireguard-go SUBDIR += wireguard-kmod + SUBDIR += wireguard-tools SUBDIR += wireshark SUBDIR += wireshark-lite SUBDIR += wlan2eth diff --git a/net/wireguard/Makefile b/net/wireguard-tools/Makefile similarity index 71% rename from net/wireguard/Makefile rename to net/wireguard-tools/Makefile index 131cd4a0e0cb..6870caea0a8a 100644 --- a/net/wireguard/Makefile +++ b/net/wireguard-tools/Makefile @@ -1,10 +1,9 @@ # $FreeBSD$ -PORTNAME= wireguard +PORTNAME= wireguard-tools PORTVERSION= 1.0.20210315 CATEGORIES= net net-vpn MASTER_SITES= https://git.zx2c4.com/wireguard-tools/snapshot/ -DISTNAME= wireguard-tools-${PORTVERSION} MAINTAINER= decke@FreeBSD.org COMMENT= Fast, modern and secure VPN Tunnel @@ -12,8 +11,10 @@ COMMENT= Fast, modern and secure VPN Tunnel LICENSE= GPLv2 LICENSE_FILE= ${WRKDIR}/${DISTNAME}/COPYING +FLAVORS= default lite +lite_PKGNAMESUFFIX= -lite + USES= gmake tar:xz -USE_RC_SUBR= ${PORTNAME} WRKSRC= ${WRKDIR}/${DISTNAME}/src @@ -26,11 +27,22 @@ OPTIONS_DEFAULT=WGQUICK OPTIONS_SUB= yes WGQUICK_DESC= wg-quick(8) userland utility -WGQUICK_RUN_DEPENDS= bash:shells/bash \ - wireguard-go:net/wireguard-go +WGQUICK_RUN_DEPENDS= bash:shells/bash WGQUICK_MAKE_ARGS= WITH_WGQUICK=yes WGQUICK_MAKE_ARGS_OFF= WITH_WGQUICK=no +.if ${FLAVOR:U} == lite +USE_RC_SUBR= wireguard_lite +OPTIONS_EXCLUDE=WGQUICK +COMMENT+= (lite flavor) +.endif + +.include + +.if ${PORT_OPTIONS:MWGQUICK} +USE_RC_SUBR= wireguard_wgquick +.endif + post-patch: @${REINPLACE_CMD} -e 's|/usr/local|${LOCALBASE}|g' \ ${WRKSRC}/completion/wg-quick.bash-completion \ diff --git a/net/wireguard/distinfo b/net/wireguard-tools/distinfo similarity index 87% rename from net/wireguard/distinfo rename to net/wireguard-tools/distinfo index 261b6313287c..4c86269fb72f 100644 --- a/net/wireguard/distinfo +++ b/net/wireguard-tools/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1615823936 +TIMESTAMP = 1615824165 SHA256 (wireguard-tools-1.0.20210315.tar.xz) = af001d5492be6bf58ef0bebe04b446b6f50eb53e1226fab679cc34af40733a22 SIZE (wireguard-tools-1.0.20210315.tar.xz) = 96988 diff --git a/net/wireguard-tools/files/wireguard_lite.in b/net/wireguard-tools/files/wireguard_lite.in new file mode 100644 index 000000000000..74b4556ad966 --- /dev/null +++ b/net/wireguard-tools/files/wireguard_lite.in @@ -0,0 +1,98 @@ +#!/bin/sh + +# $FreeBSD$ +# +# PROVIDE: wireguard +# REQUIRE: DAEMON +# KEYWORD: shutdown +# +# wireguard_enable (bool): Set to "YES" to enable wireguard. +# (default: "NO") +# +# wireguard_interfaces (str): List of interfaces to bring up/down +# on start/stop. (eg: "wg0 wg1") +# (default: "") +# wireguard__ips (str): List of IP Addresses for iface +# wireguard__routes (str): List of Routes for this iface +# wireguard__mtu (str): MTU for iface (default: "1500") + +. /etc/rc.subr + +load_rc_config $name + +: ${wireguard_enable="NO"} +: ${wireguard_interfaces=""} + +name=wireguard +rcvar=wireguard_enable +extra_commands="reload" + +start_cmd="${name}_start" +stop_cmd="${name}_stop" +reload_cmd="${name}_reload" + +wireguard_start() +{ + for interface in ${wireguard_interfaces}; do + load_rc_config wireguard_${interface} + + eval wireguard_ips="\${wireguard_${interface}_ips}" + eval wireguard_routes="\${wireguard_${interface}_routes}" + eval wireguard_mtu="\${wireguard_${interface}_mtu}" + + ifconfig ${interface} create + %%PREFIX%%/bin/wg setconf ${interface} %%PREFIX%%/etc/wireguard/${interface}.conf + + for ip in ${wireguard_ips}; do + if [ "${ip#*:}" != "${ip}" ]; then + ifconfig ${interface} inet6 ${ip} alias + else + ifconfig ${interface} inet ${ip} alias + fi + done + + if [ ! -z "${wireguard_mtu}" ]; then + ifconfig ${interface} mtu ${wireguard_mtu} + fi + + ifconfig ${interface} up + + for route in ${wireguard_routes}; do + if [ "${route#*:}" != "${route}" ]; then + route -q -n add -inet6 ${route} -interface ${interface} + else + route -q -n add -inet ${route} -interface ${interface} + fi + done + done +} + +wireguard_stop() +{ + for interface in ${wireguard_interfaces}; do + load_rc_config wireguard_${interface} + + eval wireguard_routes="\${wireguard_${interface}_routes}" + + for route in ${wireguard_routes}; do + if [ "${route#*:}" != "${route}" ]; then + route -q -n delete -inet6 ${route} -interface ${interface} + else + route -q -n delete -inet ${route} -interface ${interface} + fi + done + + ifconfig ${interface} down + + ifconfig ${interface} destroy + done +} + +wireguard_reload() +{ + for interface in ${wireguard_interfaces}; do + %%PREFIX%%/bin/wg syncconf ${interface} %%PREFIX%%/etc/wireguard/${interface}.conf + done +} + +run_rc_command "$1" diff --git a/net/wireguard/files/wireguard.in b/net/wireguard-tools/files/wireguard_wgquick.in similarity index 100% rename from net/wireguard/files/wireguard.in rename to net/wireguard-tools/files/wireguard_wgquick.in diff --git a/net/wireguard-tools/pkg-descr b/net/wireguard-tools/pkg-descr new file mode 100644 index 000000000000..a34153d5b525 --- /dev/null +++ b/net/wireguard-tools/pkg-descr @@ -0,0 +1,4 @@ +This supplies the main userspace tooling for using and configuring +WireGuard tunnels, including the wg(8) and wg-quick(8) utilities. + +WWW: https://git.zx2c4.com/wireguard-tools/about/ diff --git a/net/wireguard/pkg-plist b/net/wireguard-tools/pkg-plist similarity index 73% rename from net/wireguard/pkg-plist rename to net/wireguard-tools/pkg-plist index 46546b40490e..9aa064fd93e9 100644 --- a/net/wireguard/pkg-plist +++ b/net/wireguard-tools/pkg-plist @@ -3,5 +3,5 @@ bin/wg %%WGQUICK%%man/man8/wg-quick.8.gz man/man8/wg.8.gz share/bash-completion/completions/wg -share/bash-completion/completions/wg-quick +%%WGQUICK%%share/bash-completion/completions/wg-quick %%WGQUICK%%@dir etc/wireguard diff --git a/net/wireguard/pkg-descr b/net/wireguard/pkg-descr deleted file mode 100644 index 2a174e8f5210..000000000000 --- a/net/wireguard/pkg-descr +++ /dev/null @@ -1,8 +0,0 @@ -WireGuard is an extremely simple yet fast and modern VPN that utilizes -state-of-the-art cryptography. It aims to be faster, simpler, leaner, -and more useful than IPSec, while avoiding the massive headache. It -intends to be considerably more performant than OpenVPN. WireGuard is -designed as a general purpose VPN for running on embedded interfaces and -super computers alike, fit for many different circumstances. - -WWW: https://www.wireguard.com