From nobody Wed Oct 09 23:15:06 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XP7yp6Wffz5Z6l5 for ; Wed, 09 Oct 2024 23:15:14 +0000 (UTC) (envelope-from lexi@le-fay.org) Received: from fuchsia.eden.le-Fay.ORG (fuchsia.eden.le-fay.org [81.187.47.195]) by mx1.freebsd.org (Postfix) with ESMTP id 4XP7yn6rwpz4lS6 for ; Wed, 9 Oct 2024 23:15:13 +0000 (UTC) (envelope-from lexi@le-fay.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=le-fay.org header.s=fuchsia header.b=BXj7uuXh; spf=pass (mx1.freebsd.org: domain of lexi@le-fay.org designates 81.187.47.195 as permitted sender) smtp.mailfrom=lexi@le-fay.org; dmarc=none Received: from iris.eden.le-Fay.ORG (iris.eden.le-fay.org [IPv6:fd12:8247:3:1::7]) by fuchsia.eden.le-Fay.ORG (Postfix) with ESMTP id B5676302A2 for ; Wed, 09 Oct 2024 23:15:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=le-fay.org; s=fuchsia; t=1728515706; bh=HsRtKxiaS3G4jiwZX81KgZLdSsOY40DvJkS/OwVctTA=; h=Date:Subject:To:References:From:In-Reply-To; b=BXj7uuXhhzGT82u9osByGYPcRm4Kk2+izd9MZckzKxsmN9ILuAk6v9fUoJ461buhX NRM8FXMLCmOwSrjKxSVaVw6id9jULWuIuVTQ0iuQaj362imAv89HjiEdrkCUgNByVG AhN25LoshM8r7PWfMHek/xZBpoeR4NIljlY66T5s= Received: from [IPV6:2001:8b0:aab5:c110:299c:a8e3:9bad:a32d] (unknown [IPv6:2001:8b0:aab5:c110:299c:a8e3:9bad:a32d]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by iris.eden.le-Fay.ORG (Postfix) with ESMTPSA id D048F2C0489 for ; Thu, 10 Oct 2024 00:15:04 +0100 (BST) Message-ID: <05b34bb9-527e-4e4e-b2cf-77a2ca0903fc@le-fay.org> Date: Thu, 10 Oct 2024 00:15:06 +0100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: wireguard confusion Content-Language: en-GB To: questions@freebsd.org References: <29044f1d-f835-459d-8e1c-17832580b5d9@FreeBSD.org> <20241008024304.5ff138a9@Hydrogen> <4e50caf7-dd15-4c8c-9a69-b2f7dbee8b46@FreeBSD.org> <20241009014801.60e084f9@Hydrogen> <9f0e1fff-daf5-4dd5-a972-1ed73618533a@FreeBSD.org> From: Lexi Winter In-Reply-To: <9f0e1fff-daf5-4dd5-a972-1ed73618533a@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [-3.37 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.98)[-0.982]; R_DKIM_ALLOW(-0.20)[le-fay.org:s=fuchsia]; R_SPF_ALLOW(-0.20)[+ip4:81.187.47.195]; RCVD_NO_TLS_LAST(0.10)[]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:20712, ipnet:81.187.0.0/16, country:GB]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DMARC_NA(0.00)[le-fay.org]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; DKIM_TRACE(0.00)[le-fay.org:+] X-Rspamd-Queue-Id: 4XP7yn6rwpz4lS6 X-Spamd-Bar: --- On 09/10/2024 01:54, Kyle Evans wrote: > On 10/8/24 19:48, Polarian wrote: >> It would be nice if WG(4) could load configs natively without needing a >> script to do so, in the same format as wg-quick does (look for >> /etc/wireguard/.conf) [...] > wg(8) can read that style of configuration, but wg-quick(8) adds some > niceties on top of that that it won't understand.  I think DNS is the > main one, which I wouldn't think would be too hard to parse out. a handy way to do this is using /etc/start_if.$interface: # cat /etc/start_if.wg0 #! /bin/sh /usr/bin/wg setconf wg0 /etc/wg/wg0.conf i've been using this a while now and have not run into any problems with it. presumably it would not be too difficult to add an rc.conf knob for this, if anyone cared to do it.