Update main to latest (#77)

* Updated pkg-plist

* Makefile fix

* Experimenting with wireguard service

* Update README.md

Co-authored-by: vajonam <152501+vajonam@users.noreply.github.com>
Co-authored-by: Manojav Sridhar <manojav@manojav.com>

Author: rcmcdonald91

README.md

@@ -1,10 +1,8 @@
 # pfSense-pkg-WireGuard
-This is a port of the original WireGuard UI bits as implemented by [Netgate](https://www.netgate.com/) in [pfSense 2.5.0](https://github.com/pfsense/pfsense/tree/RELENG_2_5_0) to a package suitable for sideloading and more frequent updating on future releases of pfSense.
+This is a port of the original WireGuard*** UI bits as implemented by [Netgate](https://www.netgate.com/) in [pfSense 2.5.0](https://github.com/pfsense/pfsense/tree/RELENG_2_5_0) to a package suitable for sideloading and more frequent updating on future releases of pfSense.
 
 This also includes some improvments such as a proper status page (found under Status / WireGuard Status) and improved assigned interface handling.
 
-Under the hood, this implementation relies on `wg-quick(8)` for interacting with WireGuard.
-
 Because of the present limitations with pfSense internals and what packages can (and cannot) do on the system, this package includes several opinionated design changes that attempt to work around these limitations. The goal of this package is to use nothing more than what pfSense gives us and to leave the core codebase untouched. This will (should) greatly accelerate the review and testing required for consideration in the offical package repository.
 
 These changes include: 
@@ -47,12 +45,6 @@ You can find pre-compiled binaries and packages [here](https://github.com/theone
 
 https://docs.netgate.com/pfsense/en/latest/vpn/wireguard/index.html
 
-## Screenshots (as of v0.0.2_2)
-
-![1](https://github.com/theonemcdonald/pfSense-pkg-WireGuard/blob/main/extra/images/screen1.PNG)
-
-![2](https://github.com/theonemcdonald/pfSense-pkg-WireGuard/blob/main/extra/images/screen2.PNG)
-
-![3](https://github.com/theonemcdonald/pfSense-pkg-WireGuard/blob/main/extra/images/screen3.PNG)
+## Recognition
 
-![4](https://github.com/theonemcdonald/pfSense-pkg-WireGuard/blob/main/extra/images/screen4.PNG)
+\*** "WireGuard" and the "WireGuard" logo are registered trademarks of Jason A. Donenfeld.

src/Makefile

@@ -1,5 +1,5 @@
 PORTNAME=	pfSense-pkg-WireGuard
-PORTVERSION=	0.0.9
+PORTVERSION=	0.0.9.5
 CATEGORIES=	net
 MASTER_SITES=	# empty
 DISTFILES=	# empty
@@ -12,7 +12,7 @@ COMMENT=	pfSense package WireGuard
 LICENSE=	APACHE20
 
 RUN_DEPENDS=	wireguard-kmod>0:net/wireguard-kmod \
-		wireguard-tools-lite>0:net/wireguard-tools-lite
+		wireguard-tools-lite>0:net/wireguard-tools@lite
 
 NO_BUILD=	yes
 NO_MTREE=	yes
@@ -26,8 +26,6 @@ do-extract:
 do-install:
 	${MKDIR} ${STAGEDIR}/etc/inc/priv
 
-	${MKDIR} ${STAGEDIR}${PREFIX}/etc
-
 	${MKDIR} ${STAGEDIR}${PREFIX}/pkg/wireguard
 
 	${MKDIR} ${STAGEDIR}${PREFIX}/www/shortcuts
@@ -41,9 +39,6 @@ do-install:
 	${INSTALL_DATA} ${FILESDIR}${PREFIX}/pkg/wireguard.xml \
 		${STAGEDIR}${PREFIX}/pkg
 
-	${INSTALL_DATA} -m 0755 ${FILESDIR}${PREFIX}/etc/rc.* \
-		${STAGEDIR}${PREFIX}/etc
-
 	${INSTALL_DATA} ${FILESDIR}${PREFIX}/pkg/wireguard/*.inc \
 		${STAGEDIR}${PREFIX}/pkg/wireguard
 
@@ -63,4 +58,4 @@ do-install:
 		${STAGEDIR}${DATADIR}/info.xml \
 		${STAGEDIR}${PREFIX}/pkg/wireguard.xml
 
-.include <bsd.port.mk>
+.include <bsd.port.mk>

src/files/usr/local/etc/rc.reload_wireguard

@@ -41,6 +41,12 @@
 		<section>Status</section>
 		<url>/wg/status_wireguard.php</url>
 	</menu>
+	<service>
+		<name>wireguard</name>
+		<rcfile>wireguardd</rcfile>
+		<executable>php_wg</executable>
+		<description>WireGuard</description>
+	</service>
 	<custom_php_install_command>
 		<![CDATA[
 		wg_install();

src/files/usr/local/pkg/wireguard.xml

@@ -384,28 +384,22 @@ function wg_resync_peer($peer) {
 function wg_resync_all() {
 	global $g, $wgg;
 
-	wg_create_config_files();
-
 	if ($g['wireguard_installing']) {
 
-		update_status("done.\n  Configuring any existing WireGuard tunnels...");
+		unset($g['wireguard_installing']);
 
+		return;
+		
 	}
 
+	wg_create_config_files();
+
 	foreach ($wgg['tunnels'] as $tunnel) {
-	
+		
 		wg_resync_tunnel($tunnel['name'], true);
 
 	}
 
-	if ($g['wireguard_installing']) {
-
-		update_status("done.\n");
-
-		unset($g['wireguard_installing']);
-
-	}
-
 }
 
 

src/files/usr/local/pkg/wireguard/wg.inc

@@ -268,6 +268,7 @@ function wg_interface_update_addresses($wg_ifname) {
 
 		}
 
+	// Need to let pfSense handle the assigned interfaces
 	} elseif (is_wg_tunnel_assigned($wg_ifname)) {
 
 		if ($pfsense_if_name = wg_get_pfsense_interface_info($wg_ifname)) {
@@ -324,7 +325,7 @@ function wg_interface_syncconf($wg_ifname, $verbose = false) {
 }
 
 /*
- * This creates a WireGuard interface of a specified name and adds it to the WireGuard interface group
+ * This creates a WireGuard interface of a specified name
  */
 function wg_interface_create($wg_ifname, $verbose = false) {
 	global $wgg;
@@ -355,7 +356,7 @@ function wg_get_real_ifs() {
 }
 
 /*
- * This creates a WireGuard interface of a specified name and adds it to the WireGuard interface group
+ * This adds a WireGuard interface to the WireGuard interface group
  */
 function wg_interface_group_add($wg_ifname, $verbose = false) {
 	global $wgg;
@@ -533,11 +534,11 @@ function wg_get_tunnel_array_index($tunnel_name) {
 
 	if (is_array($wgg['tunnels'])) {
 
-		foreach ($wgg['tunnels'] as $t_index => $tunnel) {
+		foreach ($wgg['tunnels'] as $tun_idx => $tunnel) {
 
 			if ($tunnel['name'] == $tunnel_name) {
 
-				return $t_index;
+				return $tun_idx;
 
 			}
 

src/files/usr/local/pkg/wireguard/wg_api.inc

@@ -31,6 +31,9 @@ $wgg = array(
 	'ifconfig'		=> '/sbin/ifconfig',
 	'pkg'			=> '/usr/sbin/pkg',
 	'kldunload'		=> '/sbin/kldunload',
+	'php'			=> '/usr/local/bin/php',
+	'wg_daemon'		=> '/usr/local/bin/php_wg',
+	'wg_includes'		=> '/usr/local/pkg/wireguard',
 	'kmod'			=> 'if_wg.ko',
 	'pkg_names'		=> array(
 					'pfSense-pkg-WireGuard',
@@ -53,7 +56,7 @@ $wgg = array(
 					'members' => null),
 	'shellcmdentries'	=> array(
 					array(
-						'cmd' => '/usr/local/etc/rc.reload_wireguard',
+						'cmd' => 'service wireguardd start',
 						'cmdtype' => 'earlyshellcmd',
 						'description' => 'WireGuard earlyshellcmd (DO NOT EDIT/DELETE!)')),
 	'unboundaclentry'	=> array(

src/files/usr/local/pkg/wireguard/wg_globals.inc

@@ -19,6 +19,8 @@
  * limitations under the License.
  */
 
+// pfSense includes
+require_once('util.inc');
 
 // WireGuard includes
 require_once('wireguard/wg_globals.inc');
@@ -186,8 +188,17 @@ function wg_secret_input_type() {
 
 // Gets the appropriate class based on whether or not the target is enabled or disabled
 function wg_entrystatus_class($target_device) {
+	global $wgg;
+
+	if (isset($target_device) && 
+		$target_device['enabled'] == 'yes' &&
+			is_module_loaded($wgg['kmod'])) {
+
+		return 'enabled';
+
+	}
 
-	return (isset($target_device) && $target_device['enabled'] == 'yes') ? 'enabled' : 'disabled';
+	return 'disabled';
 
 }
 

src/files/usr/local/pkg/wireguard/wg_guiconfig.inc

@@ -22,11 +22,13 @@
 // pfSense includes
 require_once('config.inc');
 require_once('services.inc');
+require_once('service-utils.inc');
 require_once('util.inc');
 
 // WireGuard includes
-require_once('wireguard/wg_globals.inc');
 require_once('wireguard/wg_api.inc');
+require_once('wireguard/wg_globals.inc');
+require_once('wireguard/wg_service.inc');
 
 /*
  * This is the main install hook
@@ -53,9 +55,13 @@ function wg_install() {
 	// Installs the 'WireGuard' interface group
 	wg_ifgroup_install();
 
-	update_status("done.\n");
+	update_status("done.\n  Creating WireGuard service...");
 
-	// The first organic resync called by pfSense package manager will finish the installation process
+	wg_service_install();
+
+	wg_service_rcfile();
+
+	update_status("done.\n");
 
 }
 
@@ -243,11 +249,17 @@ function wg_deinstall() {
 
 	}
 
+
 	update_status("done.\n  Destroying WireGuard tunnels...");
 
 	// Teardown any WireGuard tunnel interfaces
 	wg_destroy_tunnels();
 
+	update_status("done.\n  Removing WireGuard service...");
+
+	// Remove WireGuard watchdog service
+	wg_service_deinstall();
+
 	update_status("done.\n");
 
 }