WireGuard: Make tools available on other platforms #40744
Conversation
Wireguard is now split into two pretty much independent packages: `wireguard` (Linux-specific kernel module) and `wireguard-tools`, which is cross-platform.
kirelagin
force-pushed
the
wireguard-darwin
branch
from
73465a9
to
865abfa
Compare
|
/cc @Mic92 |
|
@GrahamcOfBorg build wireguard-tools |
|
Success on aarch64-linux (full log) Attempted: wireguard-tools Partial log (click to expand)
|
|
Success on x86_64-linux (full log) Attempted: wireguard-tools Partial log (click to expand)
|
|
Success on x86_64-darwin (full log) Attempted: wireguard-tools Partial log (click to expand)
|
|
@GrahamcOfBorg build linuxPackages.wireguard |
|
No attempt on x86_64-darwin (full log) The following builds were skipped because they don't evaluate on x86_64-darwin: linuxPackages.wireguard Partial log (click to expand)
|
|
Success on x86_64-linux (full log) Attempted: linuxPackages.wireguard Partial log (click to expand)
|
Because cgit snapshots are not deterministic.
|
Success on aarch64-linux (full log) Attempted: linuxPackages.wireguard Partial log (click to expand)
|
| @@ -5500,6 +5500,8 @@ with pkgs; | |||
|
|
|||
| whois = callPackage ../tools/networking/whois { }; | |||
|
|
|||
| wireguard-tools = callPackage ../tools/networking/wireguard-tools { }; | |||
There was a problem hiding this comment.
Mostly to avoid ambiguity, reduce potential confusion and make it clear that when you are installing wireguard-tools you are getting only tools, not all of WireGuard. Also because wireguard-tools are a separate package in many other distros.
There was a problem hiding this comment.
I would prefer keep the upstream name instead because it is easier to guess.
There was a problem hiding this comment.
Also the reference in our nixos module needs to be renamed.
There was a problem hiding this comment.
I believe wireguard-tools is actually easier to guess, because it is called this way in (almost) every other major distro (Debian, Fedora, Arch, OpenSUSE, OpenWrt, Homebrew). So this name is consistent with the way others name it and, more importantly, with what the package actually does.
I guess, let’s wait for what @zx2c4 has to say on this matter.
There was a problem hiding this comment.
Also the reference in our nixos module needs to be renamed.
I believe I renamed it right in my first commit.
There was a problem hiding this comment.
@Mic92: wireguard-tools indeed seems to be an upstream-approved name for that package. See Homebrew/homebrew-core#27863 for example.
| version = "0.0.20180514"; | ||
|
|
||
| src = fetchurl { | ||
| src = fetchzip { |
There was a problem hiding this comment.
I don't think it is a good idea to split this file because now somebody might by accident update only one of the two packages. Why not mark the user space component as platform independent instead of duplicating the package?
There was a problem hiding this comment.
My understanding is that the versions of the module and tools are actually more-or-less independent, but I might be wrong.
I also find current logic with returning a different derivation based on the presence of the kernel argument somewhat, um, unorthodox.
instead of duplicating the package
Which directory will we put it into then? The kernel module really belongs to os-specific/linux and tools really do not belong there. I considered having a separate .nix file with the source definition, but a) I was not sure which directory to put it into 🙂, b) see my previous point, I believe the versions are independent, so I chose the simplest path.
There was a problem hiding this comment.
This could as well be inherit (wireguard-tools) src. This shouldn't matter long-term, because Wireguard is going to be upstreamed to the kernel tree.
There was a problem hiding this comment.
Userspace and kernelspace need to be kept in think. If the netlink interface is extended they might become incompatible. This might change when wireguard gets upstream, but we are not there yet.
|
cc @zx2c4 |
|
@GrahamcOfBorg build linuxPackages.wireguard |
|
No attempt on x86_64-darwin (full log) The following builds were skipped because they don't evaluate on x86_64-darwin: linuxPackages.wireguard Partial log (click to expand)
|
|
Success on x86_64-linux (full log) Attempted: linuxPackages.wireguard Partial log (click to expand)
|
|
Success on aarch64-linux (full log) Attempted: linuxPackages.wireguard Partial log (click to expand)
|
|
|
Success on x86_64-darwin (full log) Attempted: wireguard-tools The following builds were skipped because they don't evaluate on x86_64-darwin: linuxPackages_testing_bcachefs.wireguard, linuxPackages_4_16.wireguard, linuxPackages_4_14.wireguard, linuxPackages.wireguard, linuxPackages_hardened.wireguard, linuxPackages_4_9.wireguard, linuxPackages_copperhead_stable.wireguard, linuxPackages_latest_hardened.wireguard, linuxPackages_4_4.wireguard, linuxPackages_copperhead_lts.wireguard, linuxPackages_samus_4_12.wireguard, linuxPackages_samus_latest.wireguard, linuxPackages_xen_dom0_hardened.wireguard, linuxPackages_latest_xen_dom0.wireguard, linuxPackages_xen_dom0.wireguard, linuxPackages_latest.wireguard, linuxPackages_latest_xen_dom0_hardened.wireguard Partial log (click to expand)
|
|
Success on x86_64-linux (full log) Attempted: linuxPackages_testing_bcachefs.wireguard, linuxPackages_4_16.wireguard, linuxPackages_4_14.wireguard, linuxPackages.wireguard, linuxPackages_hardened.wireguard, linuxPackages_4_9.wireguard, linuxPackages_copperhead_stable.wireguard, linuxPackages_latest_hardened.wireguard, linuxPackages_4_4.wireguard, linuxPackages_copperhead_lts.wireguard, linuxPackages_samus_4_12.wireguard, wireguard-tools, linuxPackages_samus_latest.wireguard, linuxPackages_xen_dom0_hardened.wireguard, linuxPackages_latest_xen_dom0.wireguard, linuxPackages_xen_dom0.wireguard, linuxPackages_latest.wireguard, linuxPackages_latest_xen_dom0_hardened.wireguard Partial log (click to expand)
|
|
Failure on aarch64-linux (full log) Attempted: linuxPackages_testing_bcachefs.wireguard, linuxPackages_4_16.wireguard, linuxPackages_4_14.wireguard, linuxPackages.wireguard, linuxPackages_hardened.wireguard, linuxPackages_4_9.wireguard, linuxPackages_copperhead_stable.wireguard, linuxPackages_latest_hardened.wireguard, linuxPackages_4_4.wireguard, linuxPackages_copperhead_lts.wireguard, wireguard-tools, linuxPackages_xen_dom0_hardened.wireguard, linuxPackages_latest_xen_dom0.wireguard, linuxPackages_xen_dom0.wireguard, linuxPackages_latest.wireguard, linuxPackages_latest_xen_dom0_hardened.wireguard The following builds were skipped because they don't evaluate on aarch64-linux: linuxPackages_samus_4_12.wireguard, linuxPackages_samus_latest.wireguard Partial log (click to expand)
|
Wireguard is now split into two pretty much independent packages:
wireguard(Linux-specific kernel module) andwireguard-tools, which is cross-platform.Motivation for this change
Make tools available on darwin and any other platforms.
Things done
build-use-sandboxinnix.confon non-NixOS)nix-shell -p nox --run "nox-review wip"./result/bin/)I have built a NixOS configuration but have not actually activated it, merely made sure there were no errors and checked visually that the module and tools seem to be present in it as expected.