[gentoo-commits] repo/proj/guru:dev commit in: net-vpn/amneziawg-tools/, net-vpn/amneziawg-tools/files/

Pavel Sobolev Fri, 24 Oct 2025 09:33:27 -0700

commit:     a945e1822f796bafa3df40dfead1c2928965cae5
Author:     Pavel Sobolev <contact <AT> paveloom <DOT> dev>
AuthorDate: Fri Oct 24 14:45:49 2025 +0000
Commit:     Pavel Sobolev <contact <AT> paveloom <DOT> dev>
CommitDate: Fri Oct 24 16:32:06 2025 +0000
URL:        https://gitweb.gentoo.org/repo/proj/guru.git/commit/?id=a945e182


net-vpn/amneziawg-tools: new package, add 1.0.20250903

Signed-off-by: Pavel Sobolev <contact <AT> paveloom.dev>

 net-vpn/amneziawg-tools/Manifest                   |  1 +
 .../amneziawg-tools-1.0.20250903.ebuild            | 88 ++++++++++++++++++++++
 net-vpn/amneziawg-tools/files/awg-quick.init       | 38 ++++++++++
 net-vpn/amneziawg-tools/metadata.xml               | 15 ++++
 4 files changed, 142 insertions(+)

diff --git a/net-vpn/amneziawg-tools/Manifest b/net-vpn/amneziawg-tools/Manifest
new file mode 100644
index 0000000000..2d01fa9e69
--- /dev/null
+++ b/net-vpn/amneziawg-tools/Manifest
@@ -0,0 +1 @@
+DIST amneziawg-tools-1.0.20250903.tar.gz 160214 BLAKE2B 
ec32969cf32b0c75179a3c53702997963c176e61958d4cc166706d8439ae736e191be488e7dc93e3c2f9d8657e67deee674359b15e19ca473ddfc19f5fe3767d
 SHA512 
a69f3911b18cd5abb73ba1f695802c87205ed6be10be035a5d06ca266c5de3c0b88c0aeac7670bc302112288f1b58937608e7b2835a22d2b4fc45a8f63b218ad

diff --git a/net-vpn/amneziawg-tools/amneziawg-tools-1.0.20250903.ebuild 
b/net-vpn/amneziawg-tools/amneziawg-tools-1.0.20250903.ebuild
new file mode 100644
index 0000000000..85c4f8cdcb
--- /dev/null
+++ b/net-vpn/amneziawg-tools/amneziawg-tools-1.0.20250903.ebuild
@@ -0,0 +1,88 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit linux-info bash-completion-r1 systemd toolchain-funcs
+
+DESCRIPTION="Required tools for AmneziaWG, such as awg(8) and awg-quick(8)"
+HOMEPAGE="https://github.com/amnezia-vpn/amneziawg-tools";
+SRC_URI="https://github.com/amnezia-vpn/amneziawg-tools/archive/refs/tags/v${PV}.tar.gz
 -> ${P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~arm ~arm64 ~x86"
+IUSE="+awg-quick selinux"
+
+BDEPEND="virtual/pkgconfig"
+RDEPEND="${DEPEND}
+       awg-quick? (
+               || ( net-firewall/nftables net-firewall/iptables )
+               virtual/resolvconf
+       )
+       selinux? ( sec-policy/selinux-wireguard )
+"
+
+awg_quick_optional_config_nob() {
+       CONFIG_CHECK="$CONFIG_CHECK ~$1"
+       declare -g ERROR_$1="CONFIG_$1: This option is required for automatic 
routing of default routes inside of awg-quick(8), though it is not required for 
general AmneziaWG usage."
+}
+
+pkg_setup() {
+       if use awg-quick; then
+               awg_quick_optional_config_nob IP_ADVANCED_ROUTER
+               awg_quick_optional_config_nob IP_MULTIPLE_TABLES
+               awg_quick_optional_config_nob IPV6_MULTIPLE_TABLES
+               if has_version net-firewall/nftables; then
+                       awg_quick_optional_config_nob NF_TABLES
+                       awg_quick_optional_config_nob NF_TABLES_IPV4
+                       awg_quick_optional_config_nob NF_TABLES_IPV6
+                       awg_quick_optional_config_nob NFT_CT
+                       awg_quick_optional_config_nob NFT_FIB
+                       awg_quick_optional_config_nob NFT_FIB_IPV4
+                       awg_quick_optional_config_nob NFT_FIB_IPV6
+                       awg_quick_optional_config_nob NF_CONNTRACK_MARK
+               elif has_version net-firewall/iptables; then
+                       awg_quick_optional_config_nob NETFILTER_XTABLES
+                       awg_quick_optional_config_nob NETFILTER_XT_MARK
+                       awg_quick_optional_config_nob NETFILTER_XT_CONNMARK
+                       awg_quick_optional_config_nob NETFILTER_XT_MATCH_COMMENT
+                       awg_quick_optional_config_nob 
NETFILTER_XT_MATCH_ADDRTYPE
+                       awg_quick_optional_config_nob IP6_NF_RAW
+                       awg_quick_optional_config_nob IP_NF_RAW
+                       awg_quick_optional_config_nob IP6_NF_FILTER
+                       awg_quick_optional_config_nob IP_NF_FILTER
+               fi
+       fi
+       get_version
+       if ! has_version net-vpn/amneziawg-modules; then
+               ewarn
+               ewarn "Linux kernel does not have upstream support for 
AmneziaWG."
+               ewarn "However, the net-vpn/amneziawg-modules ebuild"
+               ewarn "contains a module that should work for your kernel."
+               ewarn "It is highly recommended to install it:"
+               ewarn
+               ewarn "    emerge -av net-vpn/amneziawg-modules"
+               ewarn
+       fi
+       linux-info_pkg_setup
+}
+
+src_compile() {
+       emake RUNSTATEDIR="${EPREFIX}/run" -C src CC="$(tc-getCC)" 
LD="$(tc-getLD)"
+}
+
+src_install() {
+       dodoc README.md
+       dodoc -r contrib
+       emake \
+               WITH_BASHCOMPLETION=yes \
+               WITH_SYSTEMDUNITS=yes \
+               WITH_WGQUICK=$(usex awg-quick) \
+               DESTDIR="${D}" \
+               BASHCOMPDIR="$(get_bashcompdir)" \
+               SYSTEMDUNITDIR="$(systemd_get_systemunitdir)" \
+               PREFIX="${EPREFIX}/usr" \
+               -C src install
+       use awg-quick && newinitd "${FILESDIR}/awg-quick.init" awg-quick
+}

diff --git a/net-vpn/amneziawg-tools/files/awg-quick.init 
b/net-vpn/amneziawg-tools/files/awg-quick.init
new file mode 100644
index 0000000000..792c131f11
--- /dev/null
+++ b/net-vpn/amneziawg-tools/files/awg-quick.init
@@ -0,0 +1,38 @@
+#!/sbin/openrc-run
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+name="AmneziaWG"
+description="AmneziaWG via awg-quick(8)"
+
+depend() {
+       need net
+       use dns
+}
+
+CONF="${SVCNAME#*.}"
+
+checkconfig() {
+       if [ "$CONF" = "$SVCNAME" ]; then
+               eerror "You cannot call this init script directly. You must 
create a symbolic link to it with the configuration name:"
+               eerror "    ln -s /etc/init.d/awg-quick 
/etc/init.d/awg-quick.vpn0"
+               eerror "And then call it instead:"
+               eerror "    /etc/init.d/awg-quick.vpn0 start"
+               return 1
+       fi
+       return 0
+}
+
+start() {
+       checkconfig || return 1
+       ebegin "Starting $description for $CONF"
+       awg-quick up "$CONF"
+       eend $? "Failed to start $description for $CONF"
+}
+
+stop() {
+       checkconfig || return 1
+       ebegin "Stopping $description for $CONF"
+       awg-quick down "$CONF"
+       eend $? "Failed to stop $description for $CONF"
+}

diff --git a/net-vpn/amneziawg-tools/metadata.xml 
b/net-vpn/amneziawg-tools/metadata.xml
new file mode 100644
index 0000000000..ad302208d9
--- /dev/null
+++ b/net-vpn/amneziawg-tools/metadata.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd";>
+<pkgmetadata>
+  <maintainer type="person">
+    <name>Pavel Sobolev</name>
+    <email>[email protected]</email>
+  </maintainer>
+  <use>
+    <flag name="awg-quick">Install the awg-quick(8) helper tool. Most users 
want to use this.</flag>
+  </use>
+  <upstream>
+    <bugs-to>https://github.com/amnezia-vpn/amneziawg-tools/issues</bugs-to>
+    <remote-id type="github">amnezia-vpn/amneziawg-tools</remote-id>
+  </upstream>
+</pkgmetadata>

[gentoo-commits] repo/proj/guru:dev commit in: net-vpn/amneziawg-tools/, net-vpn/amneziawg-tools/files/

Reply via email to