what I would like to build is a frugal install that includes wireguard. I would like to have wireguard in a read only module. whether wireguard is in it's own module or part of the base install module does not matter.
wireguard prefers openresolv for use with debian to prevent dns leaks. openresolv conflicts with frisbee and peasywifi, hence my desire to build with network-manager instead.
https://bugs.debian.org/cgi-bin/bugrepo ... bug=860564
the build I have working now was built using these instructions from the wireguard site: https://www.wireguard.com/install/
and backports from here: https://backports.debian.org/Instructions/Debian [module – v0.0.20200318 & tools – v1.0.20200319]
# apt install wireguard
Users with Debian releases older than Bullseye should enable backports.
so I added deb http://deb.debian.org/debian buster-backports main
to /etc/apt/sources.list
# apt update
# apt-get -t buster-backports install wireguard
when configuring wireguard in busterdog I have found that I also need to have nftables installed. There is also a script from mullvad vpn which generates a configuration and key exchange. it works well, but needs curl and jq
I do not necessarily need to build my install with upgrade-kernel-buster-bpo, I just thought to give it a try and see if it would make a difference doing things the busterdog way. My focus at this point is to create a create a wireguard module or having wireguard inside some other module. Perhaps remastering would be a better way to move forward than using remastercow?
Thanks