Add packages for wireguard

This commit is contained in:
Disassembler 2019-06-04 19:16:46 +02:00
parent 64aced5d8d
commit 6822f605d1
No known key found for this signature in database
GPG Key ID: 524BD33A0EE29499
6 changed files with 187 additions and 2 deletions

View File

@ -37,6 +37,14 @@ abuild -F
cd ${ROOT}/apk/vmmgr cd ${ROOT}/apk/vmmgr
abuild -F abuild -F
cd ${ROOT}/apk/wireguard
apk add libmnl-dev linux-virt-dev linux-firmware-none
FLAVOR=virt abuild -F
cd ${ROOT}/apk/wireguard-tools
apk add libmnl-dev
abuild -F
# Build apd pack runtimes # Build apd pack runtimes
cd ${ROOT}/lxc-shared cd ${ROOT}/lxc-shared
lxc-build alpine3.8 lxc-build alpine3.8

2
_vm.sh
View File

@ -86,7 +86,7 @@ chroot /mnt setup-timezone -z Europe/Prague
# Install basic system # Install basic system
apk --no-cache add apache2-utils gettext apk --no-cache add apache2-utils gettext
wget https://repo.spotter.cz/_vm.tar -O - | tar xf - -C /mnt wget https://repo.spotter.cz/_vm.tar -O - | tar xf - -C /mnt
chroot /mnt apk --no-cache add bridge ca-certificates curl e2fsprogs-extra gettext iptables kbd-misc libressl lxc postfix nginx openssh-server openssh-sftp-server util-linux wireguard-virt@et wireguard-tools-wg@et acme-sh@vm vmmgr@vm chroot /mnt apk --no-cache add bridge ca-certificates curl e2fsprogs-extra gettext iptables kbd-misc libressl lxc postfix nginx openssh-server openssh-sftp-server util-linux wireguard-virt@vm wireguard-tools-wg@vm acme-sh@vm vmmgr@vm
chroot /mnt newaliases chroot /mnt newaliases
mkdir -p /mnt/var/log/lxc mkdir -p /mnt/var/log/lxc
for SERVICE in cgroups consolefont crond iptables networking nginx ntpd postfix swap urandom vmmgr; do for SERVICE in cgroups consolefont crond iptables networking nginx ntpd postfix swap urandom vmmgr; do

@ -1 +1 @@
Subproject commit d6f738c47ec52d11918d5c0e9edc096270b14b8a Subproject commit 19b16c124498479d6f9d9790da12320ba33eb33c

View File

@ -0,0 +1,66 @@
# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
# NOTE: pkgrel must match _toolsrel in wireguard-vanilla
pkgname=wireguard-tools
pkgver=0.0.20190601
pkgrel=0
pkgdesc="Next generation secure network tunnel: userspace tools"
arch='all'
url='https://www.wireguard.com'
license="GPL-2.0"
makedepends="libmnl-dev"
depends="$pkgname-wg $pkgname-wg-quick"
subpackages="
$pkgname-doc
$pkgname-bash-completion:bashcomp:noarch
$pkgname-wg:_split
$pkgname-wg-quick:_split:noarch
"
options="!check"
source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-$pkgver.tar.xz
alpine-compat.patch
"
builddir="$srcdir"/WireGuard-$pkgver
build() {
cd "$builddir"
make -C src/tools
}
package() {
cd "$builddir"
mkdir -p "$pkgdir/usr/share/doc/$pkgname"
make -C src/tools \
DESTDIR="$pkgdir" \
WITH_BASHCOMPLETION=yes \
WITH_WGQUICK=yes \
WITH_SYSTEMDUNITS=no \
install
find "$builddir"/contrib/examples -name '.gitignore' -delete
cp -rf "$builddir"/contrib/examples "$pkgdir/usr/share/doc/$pkgname/"
}
_split() {
local cmd=${subpkgname/$pkgname-}
pkgdesc="$pkgdesc ($cmd)"
case $cmd in
wg-quick) depends="$pkgname-wg iproute2 bash openresolv" ;;
*) depends= ;;
esac
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/$cmd "$subpkgdir"/usr/bin/
}
bashcomp() {
depends="bash"
pkgdesc="WireGuard bash completions"
mkdir -p "$subpkgdir"/usr
mv "$pkgdir"/usr/share "$subpkgdir"/usr
}
sha512sums="d667e42b90fbda85b005ae2966689dadc9975c1a53ca5ddfff44214ed55ad7d55d451008c225a4619c834bd7af598af1f127d76a8a3a86cf2e6d886ea0638cf3 WireGuard-0.0.20190601.tar.xz
4577574333f023217ae6e0945807e1ccd2dec7caa87e329b1d5b44569f6b5969663ad74f8154b85d3dc7063dd762649e3fa87c7667e238ffb77c0e5df9245a5e alpine-compat.patch"

View File

@ -0,0 +1,12 @@
diff --git a/src/tools/wg-quick/linux.bash b/src/tools/wg-quick/linux.bash
--- a/src/tools/wg-quick/linux.bash
+++ b/src/tools/wg-quick/linux.bash
@@ -201,7 +201,7 @@
cmd ip $proto rule add table main suppress_prefixlength 0
while read -r key _ value; do
[[ $value -eq 1 ]] && sysctl -q "$key=2"
- done < <(sysctl -a -r '^net\.ipv4.conf\.[^ .=]+\.rp_filter$')
+ done < <(sysctl -a 2>/dev/null | sed -n -r 's#^(net\.ipv4.conf\.[^ .=]+\.rp_filter).*$#\1#p')
return 0
}

99
apk/wireguard/APKBUILD Normal file
View File

@ -0,0 +1,99 @@
# Contributor: Stuart Cardall <developer@it-offshore.co.uk>
# Maintainer: Stuart Cardall <developer@it-offshore.co.uk>
# wireguard version
_ver=0.0.20190601
_rel=0
# kernel version
_kver=4.19.41
_krel=0
_kpkgver="$_kver-r$_krel"
# for custom kernels set $FLAVOR
_extra_flavors=
if [ -z "$FLAVOR" ]; then
_flavor=vanilla
case $CARCH in
x86|x86_64) _extra_flavors="virt";;
esac
else
_flavor=$FLAVOR
fi
_kpkg=linux-$_flavor
pkgname=wireguard-$_flavor
pkgver=$_kver
pkgrel=2
pkgrel=$(($pkgrel + $_krel))
pkgdesc="Next generation secure network tunnel: kernel modules for $_flavor"
arch="all"
url="https://www.wireguard.com"
license="GPL-2.0"
depends="linux-$_flavor=$_kpkgver"
makedepends="
libmnl-dev
linux-$_flavor-dev=$_kpkgver
linux-firmware-none
"
install_if="wireguard-tools-wg=$_ver-r$_rel linux-$_flavor=$_kpkgver"
options="!check"
source="https://git.zx2c4.com/WireGuard/snapshot/WireGuard-$_ver.tar.xz"
builddir="$srcdir"/WireGuard-$_ver
for f in $_extra_flavors; do
makedepends="$makedepends linux-$f-dev=$_kpkgver"
subpackages="$subpackages wireguard-$f:_extra"
done
prepare() {
default_prepare
if [ -z "$FLAVOR" ]; then
( . "$startdir"/../../main/linux-$_flavor/APKBUILD
[ "$_kver" != "$pkgver" ] && die "please update _kver to $pkgver"
[ "$_krel" != "$pkgrel" ] && die "please update _krel to $pkgrel"
return 0
)
fi
if [ -z "$FLAVOR" ]; then
( . "$startdir"/../../community/wireguard-tools/APKBUILD
[ "$_ver" != "$pkgver" ] && die "please update _ver to $pkgver"
[ "$_rel" != "$pkgrel" ] && die "please update _rel to $pkgrel"
return 0
)
fi
local flavor=
for flavor in $_flavor $_extra_flavors; do
cp -r "$builddir" "$srcdir"/$flavor
done
}
build() {
unset LDFLAGS
local flavor= kabi=
for flavor in $_flavor $_extra_flavors; do
kabi="$_kver-$_krel-$flavor"
make -C "$srcdir/$flavor"/src \
KERNELDIR=/lib/modules/$kabi/build module
done
}
package() {
local kabi="$_kver-$_krel-$_flavor"
install -Dm644 "$srcdir"/$_flavor/src/wireguard.ko \
"$pkgdir/lib/modules/$kabi/extra/wireguard.ko"
}
_extra() {
flavor=${subpkgname##*-}
depends="linux-$flavor=$_kpkgver"
install_if="wireguard-tools-wg=$_ver-r$_rel linux-$flavor=$_kpkgver"
pkgdesc="Next generation secure network tunnel: kernel modules for $flavor"
local kabi="$_kver-$_krel-$flavor"
install -Dm644 "$srcdir"/virt/src/wireguard.ko \
"$subpkgdir/lib/modules/$kabi/extra/wireguard.ko"
}
sha512sums="d667e42b90fbda85b005ae2966689dadc9975c1a53ca5ddfff44214ed55ad7d55d451008c225a4619c834bd7af598af1f127d76a8a3a86cf2e6d886ea0638cf3 WireGuard-0.0.20190601.tar.xz"