Include directive to support "conf.d/*" and the like

Daniel Kahn Gillmor dkg at
Fri Mar 16 11:59:47 CET 2018

On Fri 2018-03-16 13:02:22 +0500, Roman Mamedov wrote:
> While it would be nice if WireGuard had a "hosts/" directory like Tinc uses
> (basically storing its equivalents of WG's [Peer] sections each in a separate
> file), I feel the most flexible way to support such scenarios would be to have
> a generic "Include" directive. That way I could do
> "Include /etc/wireguard/peers/*.conf" and then not only store each peer
> information in its own file, but also roll-out or fetch and
> add/remove/overwrite those files from a central repository.

If you're automating deployment you can always store the config file
broken out this way and then assemble a single config during deployment
with a simple wrapper script.  or you could generate the full .conf from
some other toolchain entirely (e.g., export from an rdbms or generate
from a dump from some other pki) -- it's not as clean or tightly
integrated as it would be to have an include directive, but it's
certainly easier to rig together.


More information about the WireGuard mailing list