[TOOL] wg-config graduates to src/tools, becomes wg-auto-config
Jason A. Donenfeld
Jason at zx2c4.com
Mon Jan 2 05:57:43 CET 2017
Hi guys,
The re-written `wg-auto-config` script is now a part of src/tools and
adds a few configuration variables to the configuration file format,
to make it really easy to define VPNs with a single file. This has
been requested by many of you, and here is, at long last, a basic
solution.
It's a simple bash script. It gets installed by `make install` in the
src/tools directory, but I realize that not all distributions want
this. For example, both NixOS and OpenWRT already have WireGuard built
into their network management utilities, and OpenWRT doesn't even ship
bash. So for these distributions, where it is useless, I expect for
them to install with `WITH_WGAUTOCONFIG=no make -C src/tools install`,
in order to not install it. As WireGuard gets integrated into other
network management utilities, such as systemd-networkd, I expect for
this script to fade in usefulness and eventually be removed all
together. But for now, it's quite helpful and will be useful to some
users.
So what is this tool? Here's the man page:
https://git.zx2c4.com/WireGuard/about/src/tools/wg-auto-config.8
And here's an example:
[Interface]
Address = 10.200.100.8/24
PostUp = echo ’nameserver 10.200.100.1’ | cmd resolvconf -a $INTERFACE -m 0
PostDown = cmd resolvconf -d $INTERFACE
PrivateKey = oK56DE9Ue9zK76rAc8pBl6opph+1v36lm7cXXsQKrQM=
PresharedKey = /UwcSPg38hW/D9Y3tcS1FOV0K1wuURMbS0sesJEP5ak=
[Peer]
PublicKey = GtL7fZc/bLnqZldpVofMCD6hDjrK28SsdLxevJ+qtKU=
AllowedIPs = 0.0.0.0/0
Endpoint = demo.wireguard.io:51820
This is a normal wg(8) format, except with the addition of the
"Address" line and the "PostUp" and "PostDown" lines. You give this to
wg-auto-config, and everything, including routing, is taken care of
for you. For example, save this in /etc/wireguard/wgdemo0.conf and
then run:
$ wg-auto-config up wgdemo0
And voila, your VPN is running.
Check out the man page, read the script --
https://git.zx2c4.com/WireGuard/tree/src/tools/wg-auto-config -- and
please let me know what you think before I cut the next snapshot.
Regards,
Jason
More information about the WireGuard
mailing list