network/wireguard: introduce [WireGuardPeer] PublicKeyFile=

Similar to PresharedKeyFile=, but for public key. Closes #34012.
2026-04-14 00:14:32 +09:00 · 2024-08-16 22:13:23 +09:00
parent 374aa1be7c
commit 4bf1a2c383
7 changed files with 43 additions and 7 deletions
--- a/man/systemd.netdev.xml
+++ b/man/systemd.netdev.xml
@@ -2026,6 +2026,19 @@
        <xi:include href="version-info.xml" xpointer="v237"/>
        </listitem>
      </varlistentry>
+      <varlistentry>
+        <term><varname>PublicKeyFile=</varname></term>
+        <listitem>
+          <para>Takes an absolute path to a file which contains the Base64 encoded public key for the peer.
+          When this option is specified, then <varname>PublicKey=</varname> will be ignored. Note that the
+          file must be readable by the user <literal>systemd-network</literal>, so it should be, e.g., owned
+          by <literal>root:systemd-network</literal> with a <literal>0640</literal> file mode. If the path
+          refers to an <constant>AF_UNIX</constant> stream socket in the file system a connection is made to
+          it and the key read from it.</para>
+
+          <xi:include href="version-info.xml" xpointer="v257"/>
+        </listitem>
+      </varlistentry>
      <varlistentry>
        <term><varname>PresharedKey=</varname></term>
        <listitem>