From: Mathieu Othacehe
To: Brice Waegeneire
Cc: 46504-done@debbugs.gnu.org
Subject: bug#46504: [PATCH] services: wireguard: New service.
Date: Wed, 17 Feb 2021 10:38:33 +0100
Message-ID: <87czwzghk6.fsf@gnu.org>
In-Reply-To: <87a6s67m5k.fsf@waegenei.re> (Brice Waegeneire's message of "Sun, 14 Feb 2021 15:35:03 +0100")

Hello Brice,

> Cool, more integration of Wireguard in Guix! I started writing such a
> service but didn't finalize it yet. Tho, I wasn't sure if it needed to
> be implemented with wg-quick since upstream describes it as « a very
> quick and dirty bash script for reading a few extra variables from
> wg(8)-style configuration files, and automatically configures the
> interface »¹.

Yeah, this made me hesitate too. However, I think that having this small
service is always better than a raw configuration file. It would of
course be nice to have a more complete service, maybe relying on
Guile-Netlink in the future.

> wg-quick(8) says that the “Address” attribute can be specified multiple
> times and is « a comma-separated list of IP (v4 or v6) addresses
> (optionally with CIDR masks) to be assigned to the interface. », so the
> “address” field should probably be “addresses”, a list of strings.

You're right, fixed.

> Some of the missing attributes from wg-quick(8) like “DNS” or hooks
> seem really useful, maybe an “extra-config” field to the record could be
> added to support all of those attributes.

Yes, I'll add it as a follow-up.

> Why have a “public-key” field since it is derived from the private
> key?
> It seems to allow misconfiguration: what happens if the private
> and public part of a key don't match, or if only the “public-key” is
> set?

The rationale was that when the private key is generated, the user can
just "cat /etc/wireguard/public.key" instead of running
"wg pubkey < /etc/wireguard/private.key" but I agree it is misleading
and I removed this field.

I pushed the revised patch as 43b2e440c38a39eb64088bd6c08771c060aa10fc.

Thanks,

Mathieu