01:26:08 <tozhu> jperkin: is it this one? https://tailscale.com/
06:43:08 <tozhu> jperkin: Thanks for the advice, I have installed tailscale/wireguard-go/wireguard-tools  in a zone, but can’t find example to config and use it
06:43:35 <tozhu> is there any docs or examples, a big thanks
11:31:26 <tozhu> jperkin: I find the latest version is 1.44, should it be upgrade for pkgsrc? thanks
11:34:21 <jperkin> tozhu: yes, though the current version should work fine - nahamu can probably provide an example config
11:37:19 <tozhu> jperkin: thanks, do you know where had the example configuration of wireguard on illumos/smartos ? or tailscale?  I have installed tailscale, wireguard-go, wireguard-tools in a native zones, but have not found configuration example, I want to replace wireguare for my OpenBSD box which is running on Bhyve in SmartOS
11:37:32 <tozhu> a big thanks
12:24:14 <nahamu> tozhu: do you want to use tailscale or just wireguard-go?
12:24:50 <nahamu> If you have a tailscale account set up already, tailscale is almost disturbingly simple
12:25:29 <nahamu> pkgin in tailscale; svcadm enable tailscale; tailscale up
12:25:40 <nahamu> or at least that's pretty much how it should be.
12:26:29 <nahamu> and yes, the pkgsrc package needs an update (I've already done the rebase and tag, jperkin) but the current package should be fine to get started.
12:27:04 <nahamu> tozhu: feel free to ping me if you have additional questions.
12:27:44 <nahamu> I'm overdue to write a blog post on how to use the packaged versions on OmniOS and SmartOS.
13:02:01 <neuroserve> nahamu : you can even set up your own headscale server (but in a hvm instance only)
13:02:32 <neuroserve> https://github.com/juanfont/headscale
13:02:35 <nahamu> also true.
13:05:56 <tozhu> nahamu: a big thanks for the answer, I’m going to run wireguard-go in smartos zones; I don’t have tailscale account
13:06:44 <nahamu> tozhu: ah, I'm less of an expert on the wireguard configurations.
13:07:21 <nahamu> did you use wg-quick on the openbsd machine?
13:07:34 <tozhu> nahamu: thank you for the help, I’m going to regist a account for tailscale
13:07:45 <nahamu> I ported wg-quick to illumos so you should be able to port the config if so.
13:08:09 <tozhu> wireguard configuration is very simple
13:08:29 <tozhu> sure, thank you very much
13:09:21 <nahamu> if you want to remove any keys from the config and gist it somewhere, I can take a look and see how much work is needed.
13:10:19 <nahamu> https://github.com/nshalman/wireguard-tools/tree/wg-quick-for-sunos/contrib/smf
13:11:27 <nahamu> I think the package includes the wg-quick smf service so you should be able to create /etc/wireguard/mywg.conf and then `svcadm enable wg-quick:mywg`
13:11:50 <nahamu> (I really really need to consolidate the documentation, sigh.)
13:14:14 <CmdLnKid> you use https://github.com/TritonDataCenter/smfgen ... to generate that ?
13:15:03 <tozhu> nahamu, a big thank, I’ll try it
13:19:39 <tozhu> nahamu: there is /opt/local/lib/svc/manifest/wireguard-tools.xml   in the zone  after install wireguard-tools-1.0.20210914 , is it the correct file to configure wireguard services ?
13:20:11 <tozhu> but there is nothing when run command:  svcs -a |grep -i wireguard
15:06:39 <tozhu> nahamu: jperkin: would you please help to take a look what’s the issue so that can’t import the SMF     https://pastebin.com/75cPH3Tm     I installed wireguard-go-0.0.20220316 and wireguard-tools-1.0.20210914 from pkgin/pkgsrc, but can’t import the services
15:08:58 <tozhu> and here is my tun0.conf file for wireguard configuration for reference   https://pastebin.com/wFMr1KJ1
15:14:56 <nahamu> tozhu: in a little bit. $work is currently grabbing my attention :)
15:18:04 <tozhu> okay, got it  :)
15:30:13 <nahamu> tozhu: which zone image are you using?
15:30:54 <tozhu> image uuid: e44ed3e0-910b-11ed-a5d4-00151714048c
15:31:17 <tozhu> base-64-lts            22.4.0
15:31:39 <nahamu> yep, spinning up a test zone now.
15:40:16 <jperkin> the SMF should have been imported in a disabled state during install, sorry I can't take a look, I need to leave in a minute for a weekend away
15:40:47 <jperkin> if you still have the install output from pkgin it may have clues
15:41:19 <nahamu> just 2 commands:
15:41:21 <nahamu> svccfg -s wireguard-tools add tun0
15:41:26 <tozhu> jperkin: Thank you, and have nice weekend
15:41:29 <nahamu> svcadm enable wireguard-tools:tun
15:41:36 <nahamu> tozhu: those are the 2 commands you need to run
15:42:05 <nahamu> the actual tun device might be a different number; you can name that e.g. tunnel.cfg and use "tunnel" instead of "tun0"
15:42:11 <tozhu> after import it?
15:42:39 <tozhu> thank you, I’ll do a test
15:42:43 <nahamu> uh, I thought it was already imported... let me test again.
15:43:11 <nahamu> but yes, you could import the manifest if it's not imported.
15:43:24 <nahamu> jperkin: have a great weekend!
15:50:00 <nahamu> tozhu: did you get it to work?
15:51:22 <tozhu> nahamu: I have imported, but the state leaves maintenance
15:51:47 <tozhu> after command ‘svcadm enable wireguard-tools’
15:52:09 <bahamat> tozhu: svcadm clear wireguard-tools
15:52:27 <tozhu> and network interface tun0 is up , but leave 0.0.0.0/0 
15:53:19 <nahamu> hmm
15:53:22 <tozhu> still leave the state ‘maintenance’ after ‘svcadm clear wireguard-tools’ command
15:53:43 <jperkin> thanks, first time attempting a 100k ultra marathon, insert straight-face erk smiley here - ping me on Monday nahamu and I'll update the packages to latest versions
15:54:00 <bahamat> jperkin: Good luck!
15:54:09 <bahamat> please don't die! :-)
15:54:10 <tozhu> and there is /etc/wireguard/tun0.conf 
15:54:21 <nahamu> first let's rename that from tun0.conf to tunnel.conf
15:54:48 <nahamu> wg-quick will automatically detect the tun device number when it gets created.
15:57:43 <tozhu> nahamu: I have rename tun0.conf to tunnel.conf, then killed wireguard-go, and run ‘svcadm clear wireguard-tools’
15:58:25 <tozhu> but there is no new file generated in /etc/wireguard dir, and also there is no tunX interface by ifconfig command
15:58:37 <nahamu> "svccfg -s wireguard-tools delete tun0"
15:58:40 <nahamu> just to be safe
15:58:53 <tozhu> okay, thank you
16:00:17 <nahamu> on my machine wg-quick doesn't like the keys from your example.
16:02:50 <tozhu> nahamu: have run ‘svccfg -s wireguard-tools delete tun0’ command, and then re-run the command ‘svccfg -s wireguard-tools add tun0’ to import it, but leave the same status
16:03:25 <nahamu> don't add a tun0
16:03:45 <nahamu> if the file is named "tunnel.conf" add "tunnel"
16:04:45 <tozhu> okay, I’ll re-run
16:06:54 <nahamu> then you can see the errors with:
16:07:06 <nahamu> cat `svcs -L wireguard-tools:tunnel`
16:07:20 <nahamu> When I put in new keys, it works for me.
16:13:00 <tozhu> nahamu: here is my command log and screen dump  https://pastebin.com/i7VnWbHk     would you please show me your configuration in /etc/wireguard/XXX.conf ?
16:13:19 <nahamu> yup, one moment.
16:13:55 <tozhu> and this zone is a local zone, it is not a global zone
16:14:04 <nahamu> you might have a dangling wireguard-go process you should kill.
16:14:10 <nahamu> pkill wireguard-go
16:19:33 <nahamu> need a few more minutes.
16:30:02 <nahamu> tozhu: can you create a fresh zone and try out this script? https://gist.github.com/nshalman/25a7adb26d29a67e98bb03b4f72f9913
16:30:36 <nahamu> If that works, you should be able to adapt the resulting config file to work for you.
16:31:28 <tozhu> nahamu: Thank you very much
16:31:33 <tozhu> Thank you
16:31:50 <nahamu> My wg-quick might be messing up with /32 at the end of IP addresses in certain places.
16:33:03 <tozhu> okay, thanks again for the great help
16:33:50 <nahamu> please let me know in the end what you had to do to get it working.
16:44:24 <tozhu> sure, I’ll test it in this weekend, and then feedback to you the status, thanks again
16:44:35 <nahamu> sounds good. good luck tozhu!