Why did LE decide to use connmanctl for wireguard?

  • Just wondering why, when wireguard tools etc. are already on LE (even if they weren't), connman was elected to be used for setting up wireguard connections, as opposed to setting it up natively.

    Is there scope to enable certain kernel configurations that would enable native support for wireguard?

  • The work to support WireGuard was done by me (not the world's best script/coder) and with a single use-case in mind: routing all traffic to my home network so I can watch content from home or bypass geoblocking to stream content as if at home (not the hotel in a foreign country I'm often at). I originally used a simplified homebrew version of wg-quick which worked but had lots of logic holes and was hacky. Then I had a chat with Daniel Wagner (ConnMan dev) and that encouraged ConnMan to gain support for WireGuard in the VPN module. This continues to support my use-case and has the added benefit of making connections on/off controllable through the LE settings add-on.

    I've no issues with people enhancing the current arrangement, but a) nobody has ever proposed any alternative (via pull request on GitHub), and b) it would need to be a well-tested and robust arrangement, not the usual "look mum, I made the lights blink" level of beginner script mess that we typically see in the forums. The best approach would be submitting code to ConnMan to address whatever missing feature or bug exists, because then ConnMan owns the maintenance of the feature, not LE, where things often get overlooked.

  • I apologise if it came across as offensive, I was just trying to understand. As it stands, there is no Docker equivalent of the WireGuard ConnMan implementation which makes it easy to route applications through VPN. As such, the standard Docker images available on Docker Hub for WireGuard do not work here. I wish I was smart enough to do even hacky scripts! :D

  • I like the ConnMan implementation.
    The manual config straight into a file could probably do with a GUI for more general use, but I personally don't mind.
    The ability to turn the VPN on and off from the LE GUI is great though; other family members can decide between geoblocking avoidance or local content without hand-holding just by flipping that graphical switch!

  • I apologise if it came across as offensive, I was just trying to understand.

    No offense taken. I'm quite aware that the current setup doesn't suit everyone's needs, but at the same time I don't have a way (or the time) to test more exotic WireGuard configurations. The same is true for Daniel (the ConnMan dev who did the initial work), which is one reason it's not evolved much further.