* WireGuard in systemd-networkd @ 2018-01-09 13:49 Jason A. Donenfeld 2018-01-09 14:59 ` Matthias Urlichs ` (3 more replies) 0 siblings, 4 replies; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-09 13:49 UTC (permalink / raw) To: WireGuard mailing list Hi folks, Thanks to the wonderful work of J=C3=B6rg Thalheim, WireGuard is now supported inside systemd-netword's .netdev files. The syntax should be pretty similar to wg(8). Expect for this to be released as part of the next release of systemd, where you'll then be able to read the man pages for using it. Next up - anybody interested in providing support for NetworkManager? Jason ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 13:49 WireGuard in systemd-networkd Jason A. Donenfeld @ 2018-01-09 14:59 ` Matthias Urlichs 2018-01-09 15:20 ` Daniel Kahn Gillmor ` (2 subsequent siblings) 3 siblings, 0 replies; 20+ messages in thread From: Matthias Urlichs @ 2018-01-09 14:59 UTC (permalink / raw) To: wireguard On 09.01.2018 14:49, Jason A. Donenfeld wrote: > Thanks to the wonderful work of Jörg Thalheim, WireGuard is now > supported inside systemd-netword's .netdev files. That's great. Thaks for doing the work. Speaking of systemd, and almost completely offtopic: would somebody be willing to add support for ppp/pppoe to systemd-networkd? that's still missing … -- -- Matthias Urlichs ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 13:49 WireGuard in systemd-networkd Jason A. Donenfeld 2018-01-09 14:59 ` Matthias Urlichs @ 2018-01-09 15:20 ` Daniel Kahn Gillmor 2018-01-09 17:38 ` Jason A. Donenfeld 2018-01-09 17:19 ` Germano Massullo 2018-01-30 12:07 ` WireGuard in systemd-networkd Jörg Thalheim 3 siblings, 1 reply; 20+ messages in thread From: Daniel Kahn Gillmor @ 2018-01-09 15:20 UTC (permalink / raw) To: Jason A. Donenfeld, WireGuard mailing list [-- Attachment #1: Type: text/plain, Size: 946 bytes --] On Tue 2018-01-09 14:49:13 +0100, Jason A. Donenfeld wrote: > Thanks to the wonderful work of Jörg Thalheim, WireGuard is now > supported inside systemd-netword's .netdev files. The syntax should be > pretty similar to wg(8). Expect for this to be released as part of the > next release of systemd, where you'll then be able to read the man > pages for using it. very cool! systemd-networkd end up invoking wg(8)? or does it interact with the kernel directly? if doesn't need wg(8), then once the new release of systemd is made, we may want to change the dependency recommendations for the wireguard kernel module packages. > Next up - anybody interested in providing support for NetworkManager? iirc, NetworkManager imports a big chunk of systemd in each release (yuck embedded code copies). maybe it'll import the relevant wireguard bits as well? that would probably make the NM work an easier lift. --dkg [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 15:20 ` Daniel Kahn Gillmor @ 2018-01-09 17:38 ` Jason A. Donenfeld 2018-01-10 7:09 ` Daniel Kahn Gillmor 0 siblings, 1 reply; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-09 17:38 UTC (permalink / raw) To: Daniel Kahn Gillmor; +Cc: WireGuard mailing list Hey Dan, On Tue, Jan 9, 2018 at 4:20 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > very cool! systemd-networkd end up invoking wg(8)? or does it interact > with the kernel directly? We taught systemd to talk the generic netlink protocol --useful for all sorts of new things cropping up in the kernel -- and then after that we taught it to talk wireguard, which builds on top of generic netlink. And, it doesn't introduce any build-time dependencies into systemd-networkd. So it's there for people who want it and not there for those who don't. I think this is the right approach for Linux-centric approaches like systemd. > > if doesn't need wg(8), then once the new release of systemd is made, we > may want to change the dependency recommendations for the wireguard > kernel module packages. Maybe? I'm not quite sure what the Debian semantics for recommendations are. If additional recommendations crowd out existing recommendations, or introduce some kind of automatic selection logic where only one has to be satisfied in an install-recommendations mode, then I'd be hesitant. The reason is that wg(8) allows users to see what's going on with the wireguard interface, whereas networkd only enables setting up the interface but after doesn't give much visibility into what's going on. So all users who run wireguard probably want wg(8), and only some users who run wireguard additionally will want systemd-networkd. But as I said, I don't know what the Debian recommendations are supposed to be precisely, so you can decide this better than me. > >> Next up - anybody interested in providing support for NetworkManager? > > iirc, NetworkManager imports a big chunk of systemd in each release > (yuck embedded code copies). maybe it'll import the relevant wireguard > bits as well? that would probably make the NM work an easier lift. Oh, cool, I didn't realize that. Thanks for the pointer. I'll poke around to see what they import. Jason ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 17:38 ` Jason A. Donenfeld @ 2018-01-10 7:09 ` Daniel Kahn Gillmor 2018-01-10 8:50 ` Matthias Urlichs ` (2 more replies) 0 siblings, 3 replies; 20+ messages in thread From: Daniel Kahn Gillmor @ 2018-01-10 7:09 UTC (permalink / raw) To: Jason A. Donenfeld; +Cc: WireGuard mailing list [-- Attachment #1: Type: text/plain, Size: 3441 bytes --] On Tue 2018-01-09 18:38:59 +0100, Jason A. Donenfeld wrote: > On Tue, Jan 9, 2018 at 4:20 PM, Daniel Kahn Gillmor > <dkg@fifthhorseman.net> wrote: >> very cool! systemd-networkd end up invoking wg(8)? or does it interact >> with the kernel directly? > > We taught systemd to talk the generic netlink protocol --useful for > all sorts of new things cropping up in the kernel -- and then after > that we taught it to talk wireguard, which builds on top of generic > netlink. And, it doesn't introduce any build-time dependencies into > systemd-networkd. So it's there for people who want it and not there > for those who don't. I think this is the right approach for > Linux-centric approaches like systemd. cool. this sounds very much like you've decided that the netlink interface is now stable, which is good to hear :) It becomes much trickier to update the interface when you've got external tools (whose release cycle you don't control) talking to them! >> if doesn't need wg(8), then once the new release of systemd is made, we >> may want to change the dependency recommendations for the wireguard >> kernel module packages. > > Maybe? I'm not quite sure what the Debian semantics for > recommendations are. If additional recommendations crowd out existing > recommendations, or introduce some kind of automatic selection logic > where only one has to be satisfied in an install-recommendations mode, > then I'd be hesitant. The reason is that wg(8) allows users to see > what's going on with the wireguard interface, whereas networkd only > enables setting up the interface but after doesn't give much > visibility into what's going on. So all users who run wireguard > probably want wg(8), and only some users who run wireguard > additionally will want systemd-networkd. But as I said, I don't know > what the Debian recommendations are supposed to be precisely, so you > can decide this better than me. thanks for the explanation. debian's semantics are: https://www.debian.org/doc/debian-policy/#binary-dependencies-depends-recommends-suggests-enhances-pre-depends Basically, Recommends: isn't the same as a hard Depends: -- it's possible to ignore a Recommends: on systems you want to consciously keep minimal. The disjunction (A | B) means "if one of A or B is installed, don't bother trying to satisfy the other; but if neither is installed, install A". systemd-networkd is shipped (but by default disabled) in the systemd package itself. At the moment, wireguard-dkms (the kernel module package) Recommends: wireguard-tools (which supplies wg(8)), which i'd write as: 0) Recommends: wireguard-tools So i think we have several other choices: 1) Recommends: systemd | wireguard-tools 2) Recommends: wireguard-tools | systemd 3) Recommends: wireguard-tools, systemd 4) Recommends: wireguard-tools Suggests: systemd Of the above, i think i'll probably either stick with 0 or move to 4. given what you said above, i don't really like the idea of using the disjunction; people already running systemd will have systemd-networkd available; and i don't want the wireguard-dkms package to encourage people to install systemd if they've already made a decision to avoid the default and not use it. oh, also, any reference to systemd here would probably be versioned to be at least the first version that supports it. let me know if you have any other preferences or suggestions. --dkg [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-10 7:09 ` Daniel Kahn Gillmor @ 2018-01-10 8:50 ` Matthias Urlichs 2018-01-10 22:30 ` Daniel Kahn Gillmor 2018-01-10 8:59 ` Jonathon Fernyhough 2018-01-11 15:00 ` Jason A. Donenfeld 2 siblings, 1 reply; 20+ messages in thread From: Matthias Urlichs @ 2018-01-10 8:50 UTC (permalink / raw) To: wireguard On 10.01.2018 08:09, Daniel Kahn Gillmor wrote: > The disjunction (A | B) means "if one of A or B is installed, don't bother > trying to satisfy the other; but if neither is installed, install A". … unless installing A causes a conflict – then the solver is free to use B instead. Given that systemd is installed by default in Debian, a "Suggests: systemd" is unlikely to be useful for anybody, and an A|B recommendation also is a no-op for the majority of users. Instead, I would simply Recommend wg-tools, as they're very useful for querying or modifying its state even when systemd-networkd manages the interface. I would also create a virtual "wireguard" package that directly depends on wireguard-dkms and wireguard-tools (and Recommends: networkmanager-wireguard, as soon as that exists). Then, simply instruct the user to install that. -- -- Matthias Urlichs ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-10 8:50 ` Matthias Urlichs @ 2018-01-10 22:30 ` Daniel Kahn Gillmor 2018-01-11 6:37 ` Stefan Tatschner 0 siblings, 1 reply; 20+ messages in thread From: Daniel Kahn Gillmor @ 2018-01-10 22:30 UTC (permalink / raw) To: Matthias Urlichs, wireguard [-- Attachment #1: Type: text/plain, Size: 707 bytes --] On Wed 2018-01-10 09:50:39 +0100, Matthias Urlichs wrote: > I would also create a virtual "wireguard" package that directly depends > on wireguard-dkms and wireguard-tools (and Recommends: > networkmanager-wireguard, as soon as that exists). Then, simply instruct > the user to install that. This is a good idea, thanks! As an aside, if anyone wants to suggest packaging improvements like this, a bug report to the debian BTS is probably the easiest way to go. As for the dependencies related to systemd-networkd, the discussion here makes me think we're better off just sticking with the status quo (option 0), so i'll do that unless i hear a really compelling argument to do anything else. --dkg [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-10 22:30 ` Daniel Kahn Gillmor @ 2018-01-11 6:37 ` Stefan Tatschner 2018-01-11 13:43 ` Daniel Kahn Gillmor 0 siblings, 1 reply; 20+ messages in thread From: Stefan Tatschner @ 2018-01-11 6:37 UTC (permalink / raw) To: Daniel Kahn Gillmor; +Cc: WireGuard mailing list Hi! Thanks all for the amazing work here, I am really impressed. On Wed, Jan 10, 2018 at 11:30 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > On Wed 2018-01-10 09:50:39 +0100, Matthias Urlichs wrote: >> I would also create a virtual "wireguard" package that directly depends >> on wireguard-dkms and wireguard-tools (and Recommends: >> networkmanager-wireguard, as soon as that exists). Then, simply instruct >> the user to install that. Is it really neccessary to recommend an additional tool in the package? Wireguard can already be integrated in debian's native network configuration via /etc/network/interfaces: https://wiki.debian.org/Wireguard I just do # ifup wg0 # ifdown wg0 and it's fine. Stefan > > This is a good idea, thanks! As an aside, if anyone wants to suggest > packaging improvements like this, a bug report to the debian BTS is > probably the easiest way to go. > > As for the dependencies related to systemd-networkd, the discussion here > makes me think we're better off just sticking with the status quo > (option 0), so i'll do that unless i hear a really compelling argument > to do anything else. > > --dkg > ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-11 6:37 ` Stefan Tatschner @ 2018-01-11 13:43 ` Daniel Kahn Gillmor 2018-01-11 15:02 ` Jason A. Donenfeld 2018-01-12 7:40 ` Stefan Tatschner 0 siblings, 2 replies; 20+ messages in thread From: Daniel Kahn Gillmor @ 2018-01-11 13:43 UTC (permalink / raw) To: Stefan Tatschner; +Cc: WireGuard mailing list [-- Attachment #1: Type: text/plain, Size: 981 bytes --] Hi Stefan-- On Thu 2018-01-11 07:37:49 +0100, Stefan Tatschner wrote: > Is it really neccessary to recommend an additional tool in the > package? Wireguard can already be integrated in debian's native > network configuration via /etc/network/interfaces: > https://wiki.debian.org/Wireguard these instructions already assume that you have both wireguard-dkms and wireguard-tools installed. wireguard-tools supplies both wg(8) and wg-quick(8), which are used in the different /etc/network/interfaces stanzas there. Matthias was suggesting a simply-named meta-package: just "wireguard", which would ensure that both wireguard-dkms and wireguard-tools are installed. The advantage there is that you can tell people to do: apt install wireguard and apt make sure the system has the common setup by default :) > I just do > > # ifup wg0 > # ifdown wg0 > > and it's fine. i'm glad it works for you, it's always nice to have positive feedback :) happy hacking, --dkg [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-11 13:43 ` Daniel Kahn Gillmor @ 2018-01-11 15:02 ` Jason A. Donenfeld 2018-01-11 23:38 ` Daniel Kahn Gillmor 2018-01-12 7:40 ` Stefan Tatschner 1 sibling, 1 reply; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-11 15:02 UTC (permalink / raw) To: Daniel Kahn Gillmor, Egbert Verhage; +Cc: WireGuard mailing list On Thu, Jan 11, 2018 at 2:43 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > Matthias was suggesting a simply-named meta-package: just "wireguard", > which would ensure that both wireguard-dkms and wireguard-tools are > installed. The advantage there is that you can tell people to do: > > apt install wireguard > > and apt make sure the system has the common setup by default :) This is a great idea. Let me know if you wind up making this. I've added Egbert to the CC so that he can make an identical change in the Ubuntu PPA. Jason ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-11 15:02 ` Jason A. Donenfeld @ 2018-01-11 23:38 ` Daniel Kahn Gillmor 2018-01-12 15:50 ` Egbert Verhage 0 siblings, 1 reply; 20+ messages in thread From: Daniel Kahn Gillmor @ 2018-01-11 23:38 UTC (permalink / raw) To: Jason A. Donenfeld, Egbert Verhage; +Cc: WireGuard mailing list [-- Attachment #1: Type: text/plain, Size: 1188 bytes --] On Thu 2018-01-11 16:02:30 +0100, Jason A. Donenfeld wrote: > On Thu, Jan 11, 2018 at 2:43 PM, Daniel Kahn Gillmor > <dkg@fifthhorseman.net> wrote: >> Matthias was suggesting a simply-named meta-package: just "wireguard", >> which would ensure that both wireguard-dkms and wireguard-tools are >> installed. The advantage there is that you can tell people to do: >> >> apt install wireguard >> >> and apt make sure the system has the common setup by default :) > > This is a great idea. Let me know if you wind up making this. I've > added Egbert to the CC so that he can make an identical change in the > Ubuntu PPA. I've just uploaded this arrangement to debian, but it needs to clear the NEW queue, which can take a little while. You should be able to follow the NEW queue here: https://ftp-master.debian.org/new.html Egbert (or any other packager for a debian derivative) can see my packaging here, if they're interested: https://salsa.debian.org/debian/wireguard in particular: https://salsa.debian.org/debian/wireguard/commit/cc3cab4b799a64e9c74985da627fc85ba0ee2cc8 as always, I welcome feedback and suggestions for other improvements. Regards, --dkg [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 832 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-11 23:38 ` Daniel Kahn Gillmor @ 2018-01-12 15:50 ` Egbert Verhage 2018-01-12 19:45 ` Jason A. Donenfeld 0 siblings, 1 reply; 20+ messages in thread From: Egbert Verhage @ 2018-01-12 15:50 UTC (permalink / raw) To: Daniel Kahn Gillmor, Jason A. Donenfeld; +Cc: WireGuard mailing list Hey dkg, I wanted to do the same thing with the meta package, so I have included your patch in the ubuntu ppa repo. I have pushed the packages to the PPA, so will be up in 10min. Here the commit with the meta package patch: https://github.com/EggieCode/wireguard-ppa/commit/1c502977301cfc1695996 ba68fa260576f0f0cad Thanks dkg for the patch! Greetz, Egbert On Thu, 2018-01-11 at 18:38 -0500, Daniel Kahn Gillmor wrote: > On Thu 2018-01-11 16:02:30 +0100, Jason A. Donenfeld wrote: > > On Thu, Jan 11, 2018 at 2:43 PM, Daniel Kahn Gillmor > > <dkg@fifthhorseman.net> wrote: > > > Matthias was suggesting a simply-named meta-package: just > > > "wireguard", > > > which would ensure that both wireguard-dkms and wireguard-tools > > > are > > > installed. The advantage there is that you can tell people to > > > do: > > > > > > apt install wireguard > > > > > > and apt make sure the system has the common setup by default :) > > > > This is a great idea. Let me know if you wind up making this. I've > > added Egbert to the CC so that he can make an identical change in > > the > > Ubuntu PPA. > > I've just uploaded this arrangement to debian, but it needs to clear > the > NEW queue, which can take a little while. > > You should be able to follow the NEW queue here: > > https://ftp-master.debian.org/new.html > > Egbert (or any other packager for a debian derivative) can see my > packaging here, if they're interested: > > https://salsa.debian.org/debian/wireguard > > in particular: > > https://salsa.debian.org/debian/wireguard/commit/cc3cab4b799a64e9c > 74985da627fc85ba0ee2cc8 > > as always, I welcome feedback and suggestions for other improvements. > > Regards, > > --dkg ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-12 15:50 ` Egbert Verhage @ 2018-01-12 19:45 ` Jason A. Donenfeld 0 siblings, 0 replies; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-12 19:45 UTC (permalink / raw) To: Egbert Verhage; +Cc: WireGuard mailing list [-- Attachment #1: Type: text/plain, Size: 1965 bytes --] Wonderful! Thanks guys. I'll update the documentation shortly. Jason On Jan 12, 2018 16:51, "Egbert Verhage" <egbert@eggiecode.org> wrote: > Hey dkg, > > I wanted to do the same thing with the meta package, so I have included > your patch in the ubuntu ppa repo. > > I have pushed the packages to the PPA, so will be up in 10min. > > Here the commit with the meta package patch: > https://github.com/EggieCode/wireguard-ppa/commit/1c502977301cfc1695996 > ba68fa260576f0f0cad > > Thanks dkg for the patch! > > Greetz, > Egbert > > On Thu, 2018-01-11 at 18:38 -0500, Daniel Kahn Gillmor wrote: > > On Thu 2018-01-11 16:02:30 +0100, Jason A. Donenfeld wrote: > > > On Thu, Jan 11, 2018 at 2:43 PM, Daniel Kahn Gillmor > > > <dkg@fifthhorseman.net> wrote: > > > > Matthias was suggesting a simply-named meta-package: just > > > > "wireguard", > > > > which would ensure that both wireguard-dkms and wireguard-tools > > > > are > > > > installed. The advantage there is that you can tell people to > > > > do: > > > > > > > > apt install wireguard > > > > > > > > and apt make sure the system has the common setup by default :) > > > > > > This is a great idea. Let me know if you wind up making this. I've > > > added Egbert to the CC so that he can make an identical change in > > > the > > > Ubuntu PPA. > > > > I've just uploaded this arrangement to debian, but it needs to clear > > the > > NEW queue, which can take a little while. > > > > You should be able to follow the NEW queue here: > > > > https://ftp-master.debian.org/new.html > > > > Egbert (or any other packager for a debian derivative) can see my > > packaging here, if they're interested: > > > > https://salsa.debian.org/debian/wireguard > > > > in particular: > > > > https://salsa.debian.org/debian/wireguard/commit/cc3cab4b799a64e9c > > 74985da627fc85ba0ee2cc8 > > > > as always, I welcome feedback and suggestions for other improvements. > > > > Regards, > > > > --dkg > [-- Attachment #2: Type: text/html, Size: 3339 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-11 13:43 ` Daniel Kahn Gillmor 2018-01-11 15:02 ` Jason A. Donenfeld @ 2018-01-12 7:40 ` Stefan Tatschner 1 sibling, 0 replies; 20+ messages in thread From: Stefan Tatschner @ 2018-01-12 7:40 UTC (permalink / raw) To: Daniel Kahn Gillmor; +Cc: WireGuard mailing list On Thu, Jan 11, 2018 at 2:43 PM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > Hi Stefan-- > > Matthias was suggesting a simply-named meta-package: just "wireguard", > which would ensure that both wireguard-dkms and wireguard-tools are > installed. The advantage there is that you can tell people to do: > > apt install wireguard > > and apt make sure the system has the common setup by default :) Awesome! Thanks for clarifying this. > >> I just do >> >> # ifup wg0 >> # ifdown wg0 >> >> and it's fine. > > i'm glad it works for you, it's always nice to have positive feedback :) :) Stefan > > happy hacking, > > --dkg ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-10 7:09 ` Daniel Kahn Gillmor 2018-01-10 8:50 ` Matthias Urlichs @ 2018-01-10 8:59 ` Jonathon Fernyhough 2018-01-11 15:00 ` Jason A. Donenfeld 2 siblings, 0 replies; 20+ messages in thread From: Jonathon Fernyhough @ 2018-01-10 8:59 UTC (permalink / raw) To: wireguard [-- Attachment #1.1: Type: text/plain, Size: 1208 bytes --] On 10/01/18 07:09, Daniel Kahn Gillmor wrote: > systemd-networkd is shipped (but by default disabled) in the systemd > package itself. > > At the moment, wireguard-dkms (the kernel module package) Recommends: > wireguard-tools (which supplies wg(8)), which i'd write as: > > 0) Recommends: wireguard-tools > > So i think we have several other choices: > > 1) Recommends: systemd | wireguard-tools > > 2) Recommends: wireguard-tools | systemd > > 3) Recommends: wireguard-tools, systemd > > 4) Recommends: wireguard-tools > Suggests: systemd > > > Of the above, i think i'll probably either stick with 0 or move to 4. Sticking with 0) makes most sense to me. Just because systemd (>= 23something) supports wireguard, if wireguard-dkms can't rely on the support being there then recommending its "own" tools is more reliable, and more portable. Alternatively, perhaps an "Enhances: systemd" ? e.g. wireguard-dkms doesn't _need_ systemd, doesn't work any _better_ with systemd, but definitely adds something _to_ systemd. J [1] https://www.debian.org/doc/debian-policy/#binary-dependencies-depends-recommends-suggests-enhances-pre-depends [-- Attachment #2: OpenPGP digital signature --] [-- Type: application/pgp-signature, Size: 819 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-10 7:09 ` Daniel Kahn Gillmor 2018-01-10 8:50 ` Matthias Urlichs 2018-01-10 8:59 ` Jonathon Fernyhough @ 2018-01-11 15:00 ` Jason A. Donenfeld 2 siblings, 0 replies; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-11 15:00 UTC (permalink / raw) To: Daniel Kahn Gillmor; +Cc: WireGuard mailing list Hey Daniel, On Wed, Jan 10, 2018 at 8:09 AM, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote: > cool. this sounds very much like you've decided that the netlink > interface is now stable, which is good to hear Yep! > 0) Recommends: wireguard-tools > 4) Recommends: wireguard-tools > Suggests: systemd > > > Of the above, i think i'll probably either stick with 0 or move to 4. > given what you said above, i don't really like the idea of using the > disjunction; people already running systemd will have systemd-networkd > available; and i don't want the wireguard-dkms package to encourage > people to install systemd if they've already made a decision to avoid > the default and not use it. I think it probably makes most sense to stick with 0. Jason ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 13:49 WireGuard in systemd-networkd Jason A. Donenfeld 2018-01-09 14:59 ` Matthias Urlichs 2018-01-09 15:20 ` Daniel Kahn Gillmor @ 2018-01-09 17:19 ` Germano Massullo 2018-01-13 16:30 ` Some gossip M. Dietrich 2018-01-30 12:07 ` WireGuard in systemd-networkd Jörg Thalheim 3 siblings, 1 reply; 20+ messages in thread From: Germano Massullo @ 2018-01-09 17:19 UTC (permalink / raw) To: wireguard As systemd-networkd user I am very happy about that! Jason it has been a pleasure to meet you at 34C3 :-) ^ permalink raw reply [flat|nested] 20+ messages in thread
* Some gossip 2018-01-09 17:19 ` Germano Massullo @ 2018-01-13 16:30 ` M. Dietrich 2018-01-13 21:25 ` Jason A. Donenfeld 0 siblings, 1 reply; 20+ messages in thread From: M. Dietrich @ 2018-01-13 16:30 UTC (permalink / raw) To: wireguard [-- Attachment #1: Type: text/plain, Size: 1037 bytes --] Hi All, i looked for a connection-less VPN since long. i am not an expert in VPNs and do not want to dive into it too deep but i had the impression that all solutions today have a connection and once lost it has to be renogotiated. since using mosh i think this would be an incredible solution for a VPN. Quotation from Germano Massullo at Januar 9, 2018 18:19: > Jason it has been a pleasure to meet you at 34C3 :-) at the 34C3 i was concentrated with some coding at my notebook when a guy throw me a sticker directly onto my keyboard. i was upset and flicked it off but when i needed a break i grabed it and took a look. it was weird, some names, a logo, no url. the name was good enough to point to the project behind (same logo) after a search. and i found out: this seems to be the VPN i was looking for so long! so thank you for this incredible project! i could not attend at the workshop because it was too crowded (btw: today wireguard is the 6th hit when looking for vpn and mosh). M. Dietrich [-- Attachment #2: Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: Some gossip 2018-01-13 16:30 ` Some gossip M. Dietrich @ 2018-01-13 21:25 ` Jason A. Donenfeld 0 siblings, 0 replies; 20+ messages in thread From: Jason A. Donenfeld @ 2018-01-13 21:25 UTC (permalink / raw) To: M. Dietrich; +Cc: WireGuard mailing list On Sat, Jan 13, 2018 at 5:30 PM, M. Dietrich <mdt@emdete.de> wrote: > at the 34C3 i was concentrated with some coding at my notebook > when a guy throw me a sticker directly onto my keyboard. i was > upset and flicked it off but when i needed a break i grabed > it and took a look. it was weird, some names, a logo, no url. Pretty much the real life version of a pop-up window. :) ^ permalink raw reply [flat|nested] 20+ messages in thread
* Re: WireGuard in systemd-networkd 2018-01-09 13:49 WireGuard in systemd-networkd Jason A. Donenfeld ` (2 preceding siblings ...) 2018-01-09 17:19 ` Germano Massullo @ 2018-01-30 12:07 ` Jörg Thalheim 3 siblings, 0 replies; 20+ messages in thread From: Jörg Thalheim @ 2018-01-30 12:07 UTC (permalink / raw) To: wireguard Wireguard support in networkd is now set in stone. systemd v237 was released three days ago. On 2018-01-09 13:49, Jason A. Donenfeld wrote: > Hi folks, > > Thanks to the wonderful work of Jörg Thalheim, WireGuard is now > supported inside systemd-netword's .netdev files. The syntax should be > pretty similar to wg(8). Expect for this to be released as part of the > next release of systemd, where you'll then be able to read the man > pages for using it. > > Next up - anybody interested in providing support for NetworkManager? > > Jason > _______________________________________________ > WireGuard mailing list > WireGuard@lists.zx2c4.com > https://lists.zx2c4.com/mailman/listinfo/wireguard ^ permalink raw reply [flat|nested] 20+ messages in thread
end of thread, other threads:[~2018-01-30 12:02 UTC | newest] Thread overview: 20+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2018-01-09 13:49 WireGuard in systemd-networkd Jason A. Donenfeld 2018-01-09 14:59 ` Matthias Urlichs 2018-01-09 15:20 ` Daniel Kahn Gillmor 2018-01-09 17:38 ` Jason A. Donenfeld 2018-01-10 7:09 ` Daniel Kahn Gillmor 2018-01-10 8:50 ` Matthias Urlichs 2018-01-10 22:30 ` Daniel Kahn Gillmor 2018-01-11 6:37 ` Stefan Tatschner 2018-01-11 13:43 ` Daniel Kahn Gillmor 2018-01-11 15:02 ` Jason A. Donenfeld 2018-01-11 23:38 ` Daniel Kahn Gillmor 2018-01-12 15:50 ` Egbert Verhage 2018-01-12 19:45 ` Jason A. Donenfeld 2018-01-12 7:40 ` Stefan Tatschner 2018-01-10 8:59 ` Jonathon Fernyhough 2018-01-11 15:00 ` Jason A. Donenfeld 2018-01-09 17:19 ` Germano Massullo 2018-01-13 16:30 ` Some gossip M. Dietrich 2018-01-13 21:25 ` Jason A. Donenfeld 2018-01-30 12:07 ` WireGuard in systemd-networkd Jörg Thalheim
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).