from: https://yggdrasil-network.github.io/ "Yggdrasil is an early-stage implementation of a fully end-to-end encrypted IPv6 network." I spent the last few days packaging it and now it's in a state where I think it's usable. The configuration can include private keys, so that part should NOT go in the operating system config, because it would get stored in the world-readable Guix store. Nix works around this by merging the generated config with a JSON file and sending it to yggdrasil over its stdin. I chose not to do that because I couldn't figure out how to open a service's stdin and because I think the way I did it is much more elegant in the long run. The package is lightly patched to take not one but two config files, and it simply merges them internally. The patch is completely backwards compatible and unobtrusive. It took me about an hour to write and debug and most of that was just figuring out Go's syntax and type system. I will try to get upstream to accept it, or implement similar functionality. Still TODO: documenting the service as an info page. The gist of using it is: 1. look at example operating system 2. see yggdrasil -genconf -json for config options (3.) optional: save output as /etc/yggdrasil-secret.conf (4.) chmod 600 /etc/yggdrasil-secret.conf (5.) delete everything but the signing and encryption keys 6. add peers as needed, or set autoconf? to #t to connect through a local peer It seems to work fine. I could connect to open peers from one machine and another one could auto-configure itself to connect through the first one over the LAN. It's pretty nifty.
0001-gnu-go-golang-org-x-sys-update-to-05986578812163b266.patch
Description: Text Data
0002-gnu-add-yggdrasil-dependencies.patch
Description: Text Data
0003-gnu-add-yggdrasil-package-at-version-0.3.14-plus-pat.patch
Description: Text Data
0004-gnu-services-Add-new-service-for-yggdrasil-network.patch
Description: Text Data
0005-gnu-system-add-example-with-yggdrasil.patch
Description: Text Data
--- End Message ---