testing/wireguard-grsec / wireguard-vanilla / wireguard-tools

[itoffshore]

WireGuard is a novel VPN that runs inside the Linux Kernel and utilizes
state-of-the-art cryptography.

It aims to be faster, simpler, leaner, and more useful than IPSec, while
avoiding the massive headache. It intends to be considerably more performant
than OpenVPN.

WireGuard is designed as a general purpose VPN for running on embedded
interfaces and super computers alike, fit for many different circumstances.
It runs over UDP.

https://www.wireguard.io

[algitbot]

Merged in 302e07d, 9b2a721, bb1bb8e by @kaniini. Thanks for your contribution!

(This pull request has been closed automatically by GitHub PR Closer. If you think that it’s not resolved yet, please add a comment.)

[zx2c4]

Thanks for this package contribution! In the future, please give me a mention in any PRs or issues, so I can review before merging. This is wonderful work nonetheless, and I'm quite happy to see this in alpine. This review has a few little nits to cleanup in the next commit.

[zx2c4]

Thanks for this package contribution! In the future, please give me a mention in any PRs or issues, so I can review before merging. This is wonderful work nonetheless, and I'm quite happy to see this in alpine. This review has a few little nits to cleanup in the next commit.

[zx2c4]

You probably do not need to depend on sparse, unless you're actually doing development. It's not the "test suite" that you think it is.

[itoffshore]

have removed make check & changed the makedepends

[zx2c4]

Why not instead run make -C src/ .... module-install?

[itoffshore]

module-install tries to install into /lib & does not obey DESTDIR="$pkgdir" passed to make

[zx2c4]

Do you need to run depmod after installing kernel modules, or does some higher level alpine layer already do that for you?

[itoffshore]

the kernel modules should install themselves automatically when wireguard-tools is installed - fixing in #954

[zx2c4]

Just remove this section. It doesn't do what you want in the first place. It's for development, not for usage by packagers. If this confusion becomes widespread, I'll just remove it from the package I distribute and keep the shortcut locally.

[itoffshore]

removed

[zx2c4]

Sparse has nothing to do with the tools and is not needed. Remove this dependency.

[itoffshore]

it was never a hard dependency to the userspace tools (only a build time depends)

removed in #954

[zx2c4]

This has no business at all of being in the -tools package, and doesn't do what you'd hope it does anyway. Please remove this section.

[itoffshore]

Alpine Linux's apkbuild runs check() on every single package in the repo now. If available it should run the software's built in unit tests.

Have removed make check as requested in #954

[zx2c4]

I'm not sure how this would work for you, but the WireGuard module actually has built-in selftests when built in DEBUG mode. When enabled, either the module inserts and everything is fine, or it fails to insert, which implies the tests have failed (and you get something in dmesg). This probably is too difficult to do in a package though...

[zx2c4]

Sparse is not a requirement. Please remove it.

[itoffshore]

see #954

[zx2c4]

Why not instead run make -C src/ .... module-install?

[itoffshore]

module-install tries to install into /lib & does not obey DESTDIR="$pkgdir" passed to make

[zx2c4]

module-install will respond to INSTALL_MOD_PATH being set, actually. So this is the right way to do it. In the next WireGuard release, I'll investigate wiring DESTDIR up to INSTALL_MOD_PATH, so that these can be unified. Thanks for pointing out the shortcomings to me.

[zx2c4]

Do you need to run depmod after installing kernel modules, or does some higher level alpine layer already do that for you?

[itoffshore]

the kernel modules should install themselves automatically when wireguard-tools is installed - fixing in #954

[zx2c4]

Just remove this section. It doesn't do what you want in the first place. It's for development, not for usage by packagers. If this confusion becomes widespread, I'll just remove it from the package I distribute and keep the shortcut locally.

[itoffshore]

Alpine Linux's apkbuild runs check() on every single package in the repo now. If available it should run the software's built in unit tests.

Have removed make check as requested in #954

[itoffshore]

@zx2c4 - in summary:

• you can view the various wireguard packages + their contents & dependencies here.
• sparse was never a hard dependency (only build time) & is removed in #954
• tests subpkg completely removed in #954
• running apk add wireguard-tools will also automatically install the appropriate kernel modules.

At the moment wireguard is in the testing repo so you will need to pin the edge repo & apk add linux-grsec@edge or apk add linux-vanilla@edge.

NB: pinning the testing repo normally causes dependency problems particularly with perl & python packages. You probably want to set /etc/apk/repositories to:

http://nl.alpinelinux.org/alpine/v3.5/main
http://nl.alpinelinux.org/alpine/v3.5/community
@edge http://nl.alpinelinux.org/alpine/edge/main
@edgecom http://nl.alpinelinux.org/alpine/edge/community
http://nl.alpinelinux.org/alpine/edge/testing

[zx2c4]

developer tools are contained in wireguards-tests not wireguard-tools

That tests package is bogus and will never work. It should not ever be distributed as a package by distributions. As written elsewhere, if other people make this same confusion, then I'll just remove that code from the tree.

running apk add wireguard-tools will also automatically install the appropriate kernel modules.

Awesome! That's super easy. I like the reverse dependency logic of apk; very nice.