wg: add systemd unit and auto-detection

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>

contrib/systemd/README

@@ -1,5 +0,0 @@
-Until WireGuard receives full integration to the various network
-management utilities, there are a number of ways of setting up
-a WireGuard tunnel at boot time. This systemd unit file is one
-such way of doing things. Probably it should be tweaked before
-using.

contrib/systemd/wgserver.service

@@ -1,15 +0,0 @@
-[Unit]
-Description=WireGuard Server
-
-[Service]
-Type=oneshot
-RemainAfterExit=yes
-ExecStart=/bin/ip link add dev wgserver type wireguard
-ExecStart=/bin/ip address add 192.168.177.1/24 dev wgserver
-ExecStart=/usr/bin/wg setconf wgserver /etc/wireguard-server.conf
-ExecStart=/bin/ip link set up dev wgserver
-ExecStop=/bin/sh -c 'umask 077; /usr/bin/wg showconf wgserver > /etc/wireguard-server.conf.tmp && mv /etc/wireguard-server.conf.tmp /etc/wireguard-server.conf'
-ExecStop=/bin/ip link del dev wgserver
-
-[Install]
-WantedBy=multi-user.target

src/INSTALL

@@ -14,15 +14,17 @@ This command takes into account several environment variables:
   * RUNSTATEDIR          default: /var/run
   * PKG_CONFIG           default: pkg-config
 
-  * WITH_BASHCOMPLETION  default: yes
-  * WITH_WGQUICK         default: yes
+  * WITH_BASHCOMPLETION  default: [auto-detect]
+  * WITH_WGQUICK         default: [auto-detect]
+  * WITH_SYSTEMDUNITS    default: [auto-detect]
 
 The first section is rather standard. The second section is not:
 
   * WITH_BASHCOMPLETION decides whether or not bash completion files for the
     tools are installed. This is just a nice thing for people who have bash.
     If you don't have bash, or don't want this, set the environment variable
-    to `no'.
+    to `no'. If you'd like to force its use, even if bash-completion isn't
+    detected in DESTDIR, then set it to `yes'.
 
   * WITH_WGQUICK decides whether or not the wg-quick(8) script is installed.
     This is a very quick and dirty bash script for reading a few extra
@@ -31,4 +33,11 @@ The first section is rather standard. The second section is not:
     this at all. Likewise, if you already have a working network management
     tool or configuration, you probably want to integrate wg(8) or the direct
     WireGuard API into your network manager, rather than using wg-quick(8).
-    But for folks who like simple quick&dirty scripts, this is nice.
+    But for folks who like simple quick&dirty scripts, this is nice. If you'd
+    like to force its use, even if bash isn't detected in DESTDIR, then set it
+    to `yes'.
+
+  * WITH_SYSTEMDUNITS decides whether or not systemd units are installed for
+    wg-quick(8). If you don't use systemd, you certainly don't want this, and
+    should set it to `no'. If systemd isn't auto-detected, but you still would
+    like to install it, set this to `yes'.

src/Makefile

@@ -1,13 +1,34 @@
+PKG_CONFIG ?= pkg-config
 PREFIX ?= /usr
 DESTDIR ?=
 BINDIR ?= $(PREFIX)/bin
 LIBDIR ?= $(PREFIX)/lib
 MANDIR ?= $(PREFIX)/share/man
 BASHCOMPDIR ?= $(PREFIX)/share/bash-completion/completions
+SYSTEMDUNITDIR ?= $(shell $(PKG_CONFIG) --variable=systemdsystemunitdir systemd 2>/dev/null || echo "$(PREFIX)/lib/systemd/system")
 RUNSTATEDIR ?= /var/run
-PKG_CONFIG ?= pkg-config
-WITH_BASHCOMPLETION ?= yes
-WITH_WGQUICK ?= yes
+WITH_BASHCOMPLETION ?=
+WITH_WGQUICK ?=
+WITH_SYSTEMDUNITS ?=
+
+ifeq ($(WITH_BASHCOMPLETION),)
+ifneq ($(strip $(wildcard $(DESTDIR)$(BASHCOMPDIR))),)
+WITH_BASHCOMPLETION := yes
+endif
+endif
+ifeq ($(WITH_WGQUICK),)
+ifneq ($(strip $(wildcard $(DESTDIR)$(BINDIR)/bash)),)
+WITH_WGQUICK := yes
+endif
+ifneq ($(strip $(wildcard $(DESTDIR)/bin/bash)),)
+WITH_WGQUICK := yes
+endif
+endif
+ifeq ($(WITH_SYSTEMDUNITS),)
+ifneq ($(strip $(wildcard $(DESTDIR)$(SYSTEMDUNITDIR))),)
+WITH_SYSTEMDUNITS := yes
+endif
+endif
 
 CFLAGS ?= -O3
 CFLAGS += -std=gnu11
@@ -30,10 +51,16 @@ clean:
 install: wg
 	@install -v -d "$(DESTDIR)$(BINDIR)" && install -m 0755 -v wg "$(DESTDIR)$(BINDIR)/wg"
 	@install -v -d "$(DESTDIR)$(MANDIR)/man8" && install -m 0644 -v wg.8 "$(DESTDIR)$(MANDIR)/man8/wg.8"
-	@[ "$(WITH_BASHCOMPLETION)" = "yes" ] && install -v -d "$(BASHCOMPDIR)" && install -m 0644 -v completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg"
-	@[ "$(WITH_WGQUICK)" = "yes" ] && install -m 0755 -v wg-quick.bash "$(DESTDIR)$(BINDIR)/wg-quick"
-	@[ "$(WITH_WGQUICK)" = "yes" ] && install -m 0644 -v wg-quick.8 "$(DESTDIR)$(MANDIR)/man8/wg-quick.8"
-	@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_BASHCOMPLETION)" = "yes" ] && install -m 0644 -v completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg-quick"
+	@[ "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \
+	install -v -d "$(DESTDIR)$(BASHCOMPDIR)" && install -m 0644 -v completion/wg.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg"
+	@[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \
+	install -m 0755 -v wg-quick.bash "$(DESTDIR)$(BINDIR)/wg-quick"
+	@[ "$(WITH_WGQUICK)" = "yes" ] || exit 0; \
+	install -m 0644 -v wg-quick.8 "$(DESTDIR)$(MANDIR)/man8/wg-quick.8"
+	@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_BASHCOMPLETION)" = "yes" ] || exit 0; \
+	install -m 0644 -v completion/wg-quick.bash-completion "$(DESTDIR)$(BASHCOMPDIR)/wg-quick"
+	@[ "$(WITH_WGQUICK)" = "yes" -a "$(WITH_SYSTEMDUNITS)" = "yes" ] || exit 0; \
+	install -v -d "$(DESTDIR)$(SYSTEMDUNITDIR)" && install -m 0644 -v wg-quick@.service "$(DESTDIR)$(SYSTEMDUNITDIR)/wg-quick@.service"
 
 check: clean
 	CFLAGS=-g scan-build --view --keep-going $(MAKE) wg

src/wg-quick@.service

@@ -0,0 +1,19 @@
+[Unit]
+Description=WireGuard via wg-quick(8) for %I
+After=network-online.target
+Wants=network-online.target
+Documentation=man:wg-quick(8)
+Documentation=man:wg(8)
+Documentation=https://www.wireguard.io/
+Documentation=https://www.wireguard.io/quickstart/
+Documentation=https://git.zx2c4.com/WireGuard/about/src/tools/wg-quick.8
+Documentation=https://git.zx2c4.com/WireGuard/about/src/tools/wg.8
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+ExecStart=/usr/bin/wg-quick up %i
+ExecStop=/usr/bin/wg-quick down %i
+
+[Install]
+WantedBy=multi-user.target