Docker for Desktop Wireguard Kernel Module and Tool build script

build

#!/bin/sh
# curl -sL https://gist.github.com/steigr/0746c759db9acbb608c1c9fca6d45c96/raw/61aace735f8e2adb991bcdf2b07c9aa420ced0c7 | sh
docker run --rm --cap-add=SYS_MODULE -i alpine sh <<'_EOF' | tar xv
apk add --no-cache make gcc curl bc libc-dev git xz bzip2 >&2
mkdir -p /usr/src/linux /usr/src/libmnl /usr/src/wireguard >&2
# linux headers and build infrastructure
KVER="$(awk -F'version ' < /proc/version '{print $2}' | awk -F- '{print $1}')" >&2
curl -L "https://cdn.kernel.org/pub/linux/kernel/v${KVER%%.*}.x/linux-${KVER}.tar.xz" | xzcat | tar -x -C /usr/src/linux --strip-components=1 >&2
cd /usr/src/linux >&2
zcat /proc/config.gz > .config
make INSTALL_HDR_PATH=/usr modules_prepare headers_install >&2
# static libmnl
curl -L https://netfilter.org/projects/libmnl/files/libmnl-1.0.4.tar.bz2 | bzcat | tar -x -C /usr/src/libmnl --strip-components=1 >&2
cd /usr/src/libmnl >&2
./configure --enable-static --prefix=/usr CFLAGS=-Os >&2
make install V=1 >&2
# wireguard module and wg tool
WGVER="$(git ls-remote https://git.zx2c4.com/WireGuard | grep '\srefs/tags/' | grep -v '{}$' | head -n1 | awk '{print $2}' | xargs basename)" >&2
curl -L https://git.zx2c4.com/WireGuard/snapshot/WireGuard-${WGVER}.tar.xz  | xzcat | tar -x -C /usr/src/wireguard --strip-components=1 >&2
cd /usr/src/wireguard/src >&2
sed -e 's#CFLAGS ?= -O3#CFLAGS ?= -Os#' -i /usr/src/wireguard/src/tools/Makefile
sed -e 's#LDLIBS += $(LIBMNL_LDLIBS)#LDLIBS += /usr/lib/libmnl.a#' -i /usr/src/wireguard/src/tools/Makefile
make KERNELDIR=/usr/src/linux all >&2
insmod wireguard.ko >&2
strip tools/wg >&2
mv tools/wg wg >&2
# and safe
tar -c wg wireguard.ko
_EOF