Open didnt1able opened 1 year ago
Well, can't say much about adding yast2 support for wireguard interfaces, please open an issue at https://github.com/yast/yast-network, but of course it could be added to wicked.
Wicked actually does not create any configurations (wgX.conf or ifcfg-wgX files), but is starting/applying them to the system -- it's yast2-network's job to create the (interface) configurations, assign firewalld zone, ...
@teclator, what do you think about it?
Note that implementing it in wicked has some conflict potential with the wg-quick(8) and the wg-quick@.service, which is setting up wireguard interfaces, creating some fwmark routing and own firewall rules (AFAIR it's not using a configuration aka a zone in firewalld, but adding some nftables or iptables rules itself).
@rma-x, AFAIR you were looking/interested at wireguard too -- do you have some findings? What are you thinking about?
I also see potential conflicts between wg-quick and wicked/netconfig, because they do the same things in different ways and might stomp onto each other's feet, not only for routing and firewall rules, but also for manipulating /etc/resolv.conf and maybe other stuff as well.
Because much of the functionality of wg-quick probably exists in wicked/netconfig already, I think the cleanest solution would be to use these existing mechanisms for generic stuff like routing, firewall and resolv.conf manipulation, and directly call wg for the Wireguard specific stuff. That way wg-quick wouldn't be used at all by wicked and could probably be moved into an optional subpackage for those who want to use it anyway.
That might also make it easier to add YaST2 support for Wireguard, based on one of the existing interface types.
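The split proposed in the comment above, sketched as an added example (not code from wicked, YaST or any participant in this thread): it separates a wg-quick(8) configuration into the part wg(8) itself accepts and the generic settings a network manager would own, and lists the hook commands that wg-quick would run as root. The function name `split_config` and the sample configuration are assumptions made for illustration.

```python
# Added example: separate wg(8) settings from wg-quick(8)-only settings.

# [Interface] keys that only wg-quick(8) interprets; wg(8) does not accept them.
WG_QUICK_ONLY = {"address", "dns", "mtu", "table", "saveconfig"}
# Hook keys: wg-quick(8) runs their values as shell commands, as root.
HOOKS = {"preup", "postup", "predown", "postdown"}

# Constructed sample; the key values are placeholders, not real key material.
SAMPLE = """\
[Interface]
PrivateKey = <placeholder-private-key>
Address = 10.0.0.2/24
DNS = 10.0.0.1          # would be written to resolv.conf by wg-quick
PostUp = iptables -A FORWARD -i %i -j ACCEPT
FwMark = 51820

[Peer]
PublicKey = <placeholder-public-key>
AllowedIPs = 0.0.0.0/0
Endpoint = vpn.example.org:51820
"""

def split_config(text):
    """Return (wg_conf, generic, hooks) for a wg-quick style config."""
    wg_lines, generic, hooks = [], {}, []
    section = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments, like wg-quick
        if not line:
            continue
        if line.startswith("["):
            section = line.strip("[]").lower()
            wg_lines.append(line)
            continue
        key, _, value = line.partition("=")   # first "=" only: keys end in "="
        name, value = key.strip(), value.strip()
        if section == "interface" and name.lower() in HOOKS:
            hooks.append((name, value))       # review before trusting a config
        elif section == "interface" and name.lower() in WG_QUICK_ONLY:
            generic.setdefault(name, []).append(value)
        else:
            wg_lines.append(line)             # PrivateKey, FwMark, peers, ...
    return "\n".join(wg_lines) + "\n", generic, hooks

if __name__ == "__main__":
    wg_conf, generic, hooks = split_config(SAMPLE)
    print(wg_conf, generic, hooks, sep="\n")
```

The first return value still contains the private key, so it needs the same file permissions as the original configuration.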
Would support for wireguard clients be added to the device list in yast so we can add client configs for wireguard adapters?