I made an initial attempt to package strongswan, I got it to a point where everything builds and runs fine in devmode, the charon service starts on install with the default configuration shipped by upstream.
Since I’m not super familiar with IPSec VPNs and their setup, I’m asking for some help here from someone more knowledgeable than me to finish the snap…
The whole configuration lives in /var/snap/strongswan/current/etc after install in case you want to help and tinker with it.
Scripts and tools are shipped as:
strongswan-ogra.pki
strongswan-ogra.ipsec
strongswan-ogra.swanctl
The service can be controlled via systemctl as:
snap.strongswan-ogra.strongswan.service
The code can be found at:
UPDATE: I had to rename the experimental snap to strongswan-ogra since the strongswan name is already registered.
UPDATE2: the package is now in the store in the edge channel, you can install it via: snap install --devmode --edge strongswan-ogra
any feedback in this thread is appreciated.
I have been able to install the strongswan-ogra snap from the edge channel and I am starting to work with it. I have access to a fairly large lab and I have been attempting to setup some complex route based VPN scenarios with the quagga snap. One item I have ran into with the snap was after you renamed it from strongswan to strongswan-ogra. I found that some of the paths in the wrappers contained in the snap still had paths referencing /var/snap/strongswan/ and that the snapcraft.yaml needed some additional prepare statements . On github another user jehos has done a pull request with the fixes but they have not been approved and bundled into the snap.
