[WireGuard] What is a good way to ingrate (as of now) wireguard into openrc in Gentoo?
Jason A. Donenfeld
Jason at zx2c4.com
Sat Nov 19 02:14:00 CET 2016
Hey Kalin,
Funny enough, I can't remember the exact interworkings of that script,
because I didn't write it. A guy named zhasha in #wireguard did. I'll
ask him to document it; that could be useful. I know another gentoo
dev was working on a WireGuard gentoo page for the wiki.
I think, in short, the way it works is you add this to your /etc/conf.d/net:
wireguard_wg0="/path/to/file.conf"
or,
wireguard_wg0="private-key /path/to/whatever listen-port 1234 peer
ABCDEF= endpoint 1.2.3.4:2468"
In other words, if the argument is a file path, it is passed to
setconf, and otherwise they're passed to set. You can then use the
other ordinary netifrc values for setting the IP addresses.
A somewhat reasonable place to store config files would be in
/etc/wireguard, and make sure that directory is chmod'd to 700, since
it contains private keys.
Jason
More information about the WireGuard
mailing list