add new package net-vpn/amneziawg-tools
parent
f6142406e0
commit
cb4863b873
GPG Key ID:
E93720C6C73A77F4
|
|
@ -0,0 +1,3 @@
|
|||
AUX wg-quick.init 885 BLAKE2B 440224b688b1a1b4762bac7ac3bd6cb6fbee546543f1da70fcf5ee1c6d213ff62c43d502fd88d1778913455cc233b6419b3176690b471a71aaf2792671045eee SHA512 3de3edb359a786bdb8de06f496caced1293048c2ec489073c0525b4eca61365424ffde6a7eb899d7672db38872b6c67436b2e39019e92300ca5e590ba02c2e84
|
||||
DIST amneziawg-tools-1.0.20240201.tar.gz 152449 BLAKE2B ea29e04fbde1688c1fc8d107f359f9565d50bb8d5834c82802b9904c9df3fef4b0f84dc8fa032a5d6babda3b795f27f0f0744af5bb52bf44fbd44a3ab8e04a09 SHA512 6a70b679c4f37a4672a8a1436d21f9058fe4565055a5d641fce3157f3e8af31a51799ea9dac741026a9d5a4312c85844430bb9815efac36759a396523ec87bf0
|
||||
EBUILD amneziawg-tools-1.0.20240201.ebuild 4085 BLAKE2B c20832dadc14607e7f6b3b75a209d3a38452c895d88b77f5f61dcde3d79fd3f7b30267c204e1d9952837383565b7d93f04cdaa7984ed8ffd9ab56d3dd0380719 SHA512 d41a74d92fc9dfbd4ff48a18ba96b44e650c6e0c92bf63a2c442be7d567e59d18c177d859630af5b894b07800555e77fcfb961324d717c789a817cd29d0d0dcf
|
||||
|
|
@ -0,0 +1,117 @@
|
|||
# Copyright 1999-2022 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
EAPI=7
|
||||
|
||||
inherit linux-info bash-completion-r1 systemd toolchain-funcs
|
||||
|
||||
DESCRIPTION="Fast, modern, secure VPN tunnel"
|
||||
HOMEPAGE="https://github.com/amnezia-vpn/amneziawg-tools"
|
||||
|
||||
if [[ ${PV} == 9999 ]]; then
|
||||
inherit git-r3
|
||||
EGIT_REPO_URI="https://github.com/amnezia-vpn/amneziawg-tools.git"
|
||||
else
|
||||
SRC_URI="https://github.com/amnezia-vpn/${PN}/archive/refs/tags/v${PV}.tar.gz -> ${P}.tar.gz"
|
||||
KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~loong ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86"
|
||||
fi
|
||||
|
||||
LICENSE="GPL-2"
|
||||
SLOT="0"
|
||||
IUSE="+wg-quick selinux"
|
||||
|
||||
BDEPEND="virtual/pkgconfig"
|
||||
DEPEND=""
|
||||
RDEPEND="${DEPEND}
|
||||
wg-quick? (
|
||||
|| ( net-firewall/nftables net-firewall/iptables )
|
||||
virtual/resolvconf
|
||||
)
|
||||
selinux? ( sec-policy/selinux-wireguard )
|
||||
"
|
||||
|
||||
wg_quick_optional_config_nob() {
|
||||
CONFIG_CHECK="$CONFIG_CHECK ~$1"
|
||||
declare -g ERROR_$1="CONFIG_$1: This option is required for automatic routing of default routes inside of wg-quick(8), though it is not required for general WireGuard usage."
|
||||
}
|
||||
|
||||
pkg_setup() {
|
||||
if use wg-quick; then
|
||||
wg_quick_optional_config_nob IP_ADVANCED_ROUTER
|
||||
wg_quick_optional_config_nob IP_MULTIPLE_TABLES
|
||||
wg_quick_optional_config_nob IPV6_MULTIPLE_TABLES
|
||||
if has_version net-firewall/nftables; then
|
||||
wg_quick_optional_config_nob NF_TABLES
|
||||
wg_quick_optional_config_nob NF_TABLES_IPV4
|
||||
wg_quick_optional_config_nob NF_TABLES_IPV6
|
||||
wg_quick_optional_config_nob NFT_CT
|
||||
wg_quick_optional_config_nob NFT_FIB
|
||||
wg_quick_optional_config_nob NFT_FIB_IPV4
|
||||
wg_quick_optional_config_nob NFT_FIB_IPV6
|
||||
wg_quick_optional_config_nob NF_CONNTRACK_MARK
|
||||
elif has_version net-firewall/iptables; then
|
||||
wg_quick_optional_config_nob NETFILTER_XTABLES
|
||||
wg_quick_optional_config_nob NETFILTER_XT_MARK
|
||||
wg_quick_optional_config_nob NETFILTER_XT_CONNMARK
|
||||
wg_quick_optional_config_nob NETFILTER_XT_MATCH_COMMENT
|
||||
wg_quick_optional_config_nob NETFILTER_XT_MATCH_ADDRTYPE
|
||||
wg_quick_optional_config_nob IP6_NF_RAW
|
||||
wg_quick_optional_config_nob IP_NF_RAW
|
||||
wg_quick_optional_config_nob IP6_NF_FILTER
|
||||
wg_quick_optional_config_nob IP_NF_FILTER
|
||||
fi
|
||||
fi
|
||||
get_version
|
||||
if [[ -f $KERNEL_DIR/include/uapi/linux/wireguard.h ]]; then
|
||||
CONFIG_CHECK="~WIREGUARD $CONFIG_CHECK"
|
||||
declare -g ERROR_WIREGUARD="CONFIG_WIREGUARD: This option is required for using WireGuard."
|
||||
elif kernel_is -ge 3 10 0 && kernel_is -lt 5 6 0 && ! has_version net-vpn/wireguard-modules; then
|
||||
ewarn
|
||||
ewarn "Your kernel does not appear to have upstream support for WireGuard"
|
||||
ewarn "via CONFIG_WIREGUARD. However, the net-vpn/wireguard-modules ebuild"
|
||||
ewarn "contains a compatibility module that should work for your kernel."
|
||||
ewarn "It is highly recommended to install it:"
|
||||
ewarn
|
||||
ewarn " emerge -av net-vpn/wireguard-modules"
|
||||
ewarn
|
||||
fi
|
||||
linux-info_pkg_setup
|
||||
}
|
||||
|
||||
src_compile() {
|
||||
emake RUNSTATEDIR="${EPREFIX}/run" -C src CC="$(tc-getCC)" LD="$(tc-getLD)"
|
||||
}
|
||||
|
||||
src_install() {
|
||||
dodoc README.md
|
||||
dodoc -r contrib
|
||||
emake \
|
||||
WITH_BASHCOMPLETION=yes \
|
||||
WITH_SYSTEMDUNITS=yes \
|
||||
WITH_WGQUICK=$(usex wg-quick) \
|
||||
DESTDIR="${D}" \
|
||||
BASHCOMPDIR="$(get_bashcompdir)" \
|
||||
SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \
|
||||
PREFIX="${EPREFIX}/usr" \
|
||||
-C src install
|
||||
use wg-quick && newinitd "${FILESDIR}/awg-quick.init" awg-quick
|
||||
}
|
||||
|
||||
pkg_postinst() {
|
||||
einfo
|
||||
einfo "After installing WireGuard, if you'd like to try sending some packets through"
|
||||
einfo "WireGuard, you may use, for testing purposes only, the insecure client.sh"
|
||||
einfo "test example script:"
|
||||
einfo
|
||||
einfo " \$ bzcat ${ROOT}/usr/share/doc/${PF}/contrib/ncat-client-server/client.sh.bz2 | sudo bash -"
|
||||
einfo
|
||||
einfo "This will automatically setup interface wg0, through a very insecure transport"
|
||||
einfo "that is only suitable for demonstration purposes. You can then try loading the"
|
||||
einfo "hidden website or sending pings:"
|
||||
einfo
|
||||
einfo " \$ chromium http://192.168.4.1"
|
||||
einfo " \$ ping 192.168.4.1"
|
||||
einfo
|
||||
einfo "More info on getting started can be found at: https://www.wireguard.com/quickstart/"
|
||||
einfo
|
||||
}
|
||||
|
|
@ -0,0 +1,38 @@
|
|||
#!/sbin/openrc-run
|
||||
# Copyright 2020 Gentoo Authors
|
||||
# Distributed under the terms of the GNU General Public License v2
|
||||
|
||||
name="WireGuard"
|
||||
description="WireGuard via wg-quick(8)"
|
||||
|
||||
depend() {
|
||||
need net
|
||||
use dns
|
||||
}
|
||||
|
||||
CONF="${SVCNAME#*.}"
|
||||
|
||||
checkconfig() {
|
||||
if [ "$CONF" = "$SVCNAME" ]; then
|
||||
eerror "You cannot call this init script directly. You must create a symbolic link to it with the configuration name:"
|
||||
eerror " ln -s /etc/init.d/wg-quick /etc/init.d/wg-quick.vpn0"
|
||||
eerror "And then call it instead:"
|
||||
eerror " /etc/init.d/wg-quick.vpn0 start"
|
||||
return 1
|
||||
fi
|
||||
return 0
|
||||
}
|
||||
|
||||
start() {
|
||||
checkconfig || return 1
|
||||
ebegin "Starting $description for $CONF"
|
||||
wg-quick up "$CONF"
|
||||
eend $? "Failed to start $description for $CONF"
|
||||
}
|
||||
|
||||
stop() {
|
||||
checkconfig || return 1
|
||||
ebegin "Stopping $description for $CONF"
|
||||
wg-quick down "$CONF"
|
||||
eend $? "Failed to stop $description for $CONF"
|
||||
}
|
||||
Loading…
Reference in New Issue