Include directive to support "conf.d/*" and the like

Roman Mamedov rm at romanrm.net
Sat Apr 14 10:47:25 CEST 2018


On Sat, 14 Apr 2018 03:47:57 +0200
"Jason A. Donenfeld" <Jason at zx2c4.com> wrote:

> Hi Roman,
> 
> This also came up in another thread I was replying to earlier tonight.
> While one way indeed is to have an 'include' directive, it seems
> simple enough to just do something like:
> 
> $ wg setconf wg0 <(cat /etc/wireguard/mysite.conf.d/*.conf)
> 
> And then you can have various fragments in there like:
> 
> 000-interface.conf
> 001-peergroupA.conf
> 001-peergroupB.conf
> 001-peergroupC.conf
> 
> And so forth. Would this be an acceptable solution for you?

Yeah, thanks. I settled on a solution similar to this. Since WG in my case is
"external" to the main OS (i.e. not wired into standard initscripts or network
configuration), I have my own shell-script bringing it up anyways -- and that
script might as well pre-process or generate the configuration file. So now I
build a full config file in /tmp/ from various pieces and auto-detected
host-specific conditions, and then do a setconf to that. (Rather than addconf
as some suggested, I prefer to have the complete file available on disk for
inspection in case any debugging is needed).

-- 
With respect,
Roman


More information about the WireGuard mailing list