Hello everyone,
for a while I have been using containers that join themselves into a
VPN via their entrypoint script.
Only a small CIDR is forwarded to that private network and all other
traffic gets routed over the bridged network via the host.
In my exact use case the containers use WireGuard and need the
following configurations:
- private key (public keys can be derived)
- public key of an endpoint
- network routable IP of an endpoint
- Port of the endpoint
- CIDR to route to endpoint
Optionally multiple endpoints could be specified.
As this hack inside the entrypoint is not the most elegant way (DRY)
and so on, I would like to ask whether or not it would be possible to
integrate this functionality into podman.
Specifically to integrate support for a WireGuard interface
configurable via CLI flags/config && together with this giving a
container multiple network interfaces at spawn with the ability to
specify which CIDR should route to which interface.
Implementing this would be an interesting challenge for me if it is at
all possible (or am I wasting my time here?).
Any hints as to how I could proceed in implementing and testing this in
a fork of the project would be much appreciated!
Thanks a lot
Max <b-m-f>
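
For readers of this thread, an added example (not part of the original post and not podman code) of the entrypoint step described above: it validates the five listed values and renders a wg(8) configuration for one endpoint, refusing a /0 route so that only the small CIDR enters the tunnel.
Assumptions: the WG_* variable names and the function names are invented for this example, and the endpoint is an IPv4 address.

```shell
#!/bin/sh
# Added example. The WG_* variable names are assumptions, not podman options.

err() { echo "wg-entrypoint: $*" >&2; }

# A WireGuard key is 32 bytes: 43 base64 characters plus one '=' pad.
is_wg_key() { printf '%s' "$1" | grep -Eq '^[A-Za-z0-9+/]{43}=$'; }

# Shape check only (octet ranges are not verified).
is_ipv4() { printf '%s' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; }

# IPv4 CIDR with prefix /1../32. A /0 would pull all traffic into the
# tunnel instead of leaving it on the bridged network, so it is refused.
is_split_cidr() {
    printf '%s' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}/([1-9]|[12][0-9]|3[0-2])$'
}

is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print a wg(8) "setconf" style configuration for one endpoint on stdout.
render_wg_conf() {
    is_wg_key "${WG_PRIVATE_KEY:-}" || { err "bad private key"; return 1; }
    is_wg_key "${WG_PEER_PUBLIC_KEY:-}" || { err "bad peer public key"; return 1; }
    is_ipv4 "${WG_ENDPOINT_HOST:-}" || { err "bad endpoint IP"; return 1; }
    is_port "${WG_ENDPOINT_PORT:-}" || { err "bad endpoint port"; return 1; }
    is_split_cidr "${WG_ALLOWED_CIDR:-}" || { err "bad or too wide CIDR"; return 1; }
    cat <<EOF
[Interface]
PrivateKey = $WG_PRIVATE_KEY

[Peer]
PublicKey = $WG_PEER_PUBLIC_KEY
Endpoint = $WG_ENDPOINT_HOST:$WG_ENDPOINT_PORT
AllowedIPs = $WG_ALLOWED_CIDR
EOF
}

# Write the configuration to "$1", readable by the owner only because it
# contains the private key. Nothing is written if validation fails.
write_wg_conf() {
    conf=$(render_wg_conf) || return 1
    ( umask 077 && printf '%s\n' "$conf" > "$1" )
}
```

The rendered file holds only what `wg setconf` accepts; the interface address and the route for the CIDR still have to be set separately in the entrypoint.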