WireGuard for OpenBSD
Jason A. Donenfeld
Jason at zx2c4.com
Tue May 22 17:50:39 CEST 2018
[cross-posted to the WireGuard mailing list]
Hello OpenBSD Ports List,
I sent a very similar email [0] to the FreeBSD ports list yesterday.
I'm the author of WireGuard [1], a secure network tunnel protocol [2]
and a set of implementations of it. It was originally designed for the
Linux kernel, but we're now beginning to have implementations for
other platforms. Recently, parts of the Internet got excited [3] when
we put a Darwin version in Homebrew. We've been working on getting an
implementation running for OpenBSD, and things are coming along pretty
smoothly.
The ultimate goal in OpenBSD land is, of course, having this properly
in the kernel like it is on Linux, but that's a long ways off, so I
thought we should get rolling with this, since it's here now.
I'm not entirely familiar with the ports/pkg adding process, and so I
was hoping to find somebody who is part of the OpenBSD community to
adopt WireGuard and help maintain packages for it. We currently have
packages for many Linux distros [4], but not yet BSD ports. There are
two packages to add:
1. wireguard-tools, providing wg(8) and wg-quick(8)
Runtime dependencies: bash, wireguard-go, libc
Buildtime dependencies: gmake, c compiler, libc
Fixup: sed -i 's/ -v / /g' src/tools/Makefile
Build: gmake -C src/tools WITH_WGQUICK=yes
Install: gmake -C src/tools PREFIX=/usr/local install
URL template: https://git.zx2c4.com/WireGuard/snapshot/WireGuard-VERSION.tar.xz
2. wireguard-go
Runtime dependencies: none
Buildtime dependencies: gmake, go
Fixup: sed -i 's/ -v / /g' Makefile
Build: export GOPATH=$(pwd)/gopath; go get -d; gmake
Install: gmake PREFIX=/usr/local install
URL template: https://git.zx2c4.com/wireguard-go/snapshot/wireguard-go-VERSION.tar.xz
For reference, these two packages in Homebrew look like this:
https://github.com/Homebrew/homebrew-core/blob/master/Formula/wireguard-tools.rb
https://github.com/Homebrew/homebrew-core/blob/master/Formula/wireguard-go.rb
And for your horror, I've made a please-dont-pipe-like-that
copy-and-paste install script:
# curl https://xn--4db.cc/IKuBc62Z | sh
That script won't work as-is at the moment, since I haven't yet tagged
tarballs with OpenBSD support, but in the coming days, I'll tag one
that has this latest OpenBSD code in it. (In the meantime, you can run
`# curl https://xn--4db.cc/IKuBc62Z | sh /dev/stdin --master` to get
it from git master. See demo.wireguard.com for another script for a
little test server.) I was hoping that in the time between now and
then, we might find somebody willing and interested in packaging this
properly.
Does this sound fun to anyone?
Best regards,
Jason
[0] https://docs.freebsd.org/cgi/getmsg.cgi?fetch=116808+0+current/freebsd-ports
[1] https://www.wireguard.com/
[2] https://www.wireguard.com/papers/wireguard.pdf
[3] http://latacora.singles/2018/05/16/there-will-be.html
[4] https://www.wireguard.com/install/
More information about the WireGuard
mailing list