trent/trents_blog
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add wireguard-on-spawn

Browse Source
This commit is contained in:
Trent Palmer 2025-01-30 08:22:31 -08:00
parent 13753b6ec6
commit eb827584b7
2 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
docs/posts/wireguard-on-nspawn.md Normal file
View File

@ -0,0 +1,38 @@
---
title: "Wireguard on Nspawn"
date: 2025-01-30
draft: false
tags: ["Wireguard", "linux", "nspawn", "container", "systemd", "Debian", "bookworm", "Arch"]
authors: ["trent"]
post: 35
---
date: 2025-01-30
## Introduction
Have you ever been thinking about `systemd-nspawn` containers and thought wouldn't
it be awesome if you could just wireguard outa there as easily as you can with a
virtual machine?
You can do it!
I have tested this with a Debian 12 `nspawn` container on a Debian 12 host, as well
as both Arch Linux and Debian 12 containers on an Arch Linux host.
## install wireguard-tools in container
*mask unwanted dependencies with a trailing `-`*
`apt install wireguard-tools linux-base-`
You can now configure with `wg-quick` and start using `wireguard`.
## unpacking the install
The trick is to avoid installing the dependencies of `wireguard` that you
don't need inside a container. You don't need a kernel, busybox,
initramfs, wireguard-modules, or dkms.
We mask `linux-base-` by adding a `-` after it, and the result is that only
`wireguard-tools` are installed, without `wireguard` or a bunch of other dependencies.
## what about LXD containers?
I'm curious if this will work in LXD containers, but don't really have
a testing environment set up for that right now.

2
mkdocs.yml
View File

@ -24,6 +24,7 @@ markdown_extensions:
nav: nav:
- Home: - Home:
- Home: index.md - Home: index.md
- "Wireguard on Nspawn": posts/wireguard-on-nspawn.md
- "Sandbox IOT Network": posts/sandbox-iot-network.md - "Sandbox IOT Network": posts/sandbox-iot-network.md
- "QuasselCore on Debian 11": posts/quasselcore-on-debian-11.md - "QuasselCore on Debian 11": posts/quasselcore-on-debian-11.md
- "Forklift Upgrade Arch Linux To A Dell Precision 3561": posts/forklift-upgrade-arch-linux-precision-3561.md - "Forklift Upgrade Arch Linux To A Dell Precision 3561": posts/forklift-upgrade-arch-linux-precision-3561.md
@ -72,6 +73,7 @@ nav:
- FreeCodeCampChallenges: https://trentspalmer.github.io/fcc-challenges/ - FreeCodeCampChallenges: https://trentspalmer.github.io/fcc-challenges/
- DeviceLayout: https://trentpalmer.work/6a57bbe24d8244289610bf57533d6c6f/ - DeviceLayout: https://trentpalmer.work/6a57bbe24d8244289610bf57533d6c6f/
- Posts: - Posts:
- "Wireguard on Nspawn": posts/wireguard-on-nspawn.md
- "Sandbox IOT Network": posts/sandbox-iot-network.md - "Sandbox IOT Network": posts/sandbox-iot-network.md
- "QuasselCore on Debian 11": posts/quasselcore-on-debian-11.md - "QuasselCore on Debian 11": posts/quasselcore-on-debian-11.md
- "Forklift Upgrade Arch Linux To A Dell Precision 3561": posts/forklift-upgrade-arch-linux-precision-3561.md - "Forklift Upgrade Arch Linux To A Dell Precision 3561": posts/forklift-upgrade-arch-linux-precision-3561.md