From 8fd2721345e80cfaf91cfddcd49cdd5a99c68f4a Mon Sep 17 00:00:00 2001 From: Mark Lawrence Date: Sat, 23 May 2026 18:33:14 +0000 Subject: [PATCH] Document necessary systemd-networkd configuration (#694) By default, the systemd-networkd.service(8) removes routing policy created by other tools when it starts. This can cause wireguard tunnels to stop working during a system upgrade or other administration actions. Document the configuration necessary to prevent this occuring. Signed-off-by: Mark Lawrence --- .../documentation/getting-started/binaries.md | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/docs/documentation/getting-started/binaries.md b/docs/documentation/getting-started/binaries.md index 54eda62..843cefc 100644 --- a/docs/documentation/getting-started/binaries.md +++ b/docs/documentation/getting-started/binaries.md @@ -51,13 +51,31 @@ sudo install wg-portal /opt/wg-portal/ To handle tasks such as restarting the service or configuring automatic startup, it is recommended to use a process manager like [systemd](https://systemd.io/). Refer to [Systemd Service Setup](#systemd-service-setup) for instructions. -## Systemd Service Setup +## Systemd Integration > **Note:** To run WireGuard Portal as systemd service, you need to download the binary for your architecture beforehand. > > The following examples assume that you downloaded the binary to `/opt/wg-portal/wg-portal`. > The configuration file is expected to be located at `/opt/wg-portal/config.yml`. +### Limit Systemd-Networkd Management Scope + +If you are using `systemd-networkd` to manage the rest of your network +configuration, you will need to ensure it doesn't remove routing policy +created by `wg-portal` when it restarts: + +```shell +sudo mkdir --parents /etc/systemd/networkd.conf.d/ +sudo tee --append /etc/systemd/networkd.conf.d/foreign-routing.conf <