From 756ba94292b408cc4f23d137b2c4c52009b2b38d Mon Sep 17 00:00:00 2001
From: James O'Doherty <james@theodohertyfamily.com>
Date: Fri, 22 May 2026 09:13:16 -0400
Subject: Scaffold wg-wrap project structure and toolchain

---
 internal/config/config.go            |  7 +++++++
 internal/namespace/namespace_test.go | 24 ++++++++++++++++++++++++
 internal/wireguard/wireguard_test.go | 17 +++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100644 internal/config/config.go
 create mode 100644 internal/namespace/namespace_test.go
 create mode 100644 internal/wireguard/wireguard_test.go

(limited to 'internal')

diff --git a/internal/config/config.go b/internal/config/config.go
new file mode 100644
index 0000000..5aa8462
--- /dev/null
+++ b/internal/config/config.go
@@ -0,0 +1,7 @@
+package config
+
+type Config struct {
+	Profile   string
+	DNSServer string
+	Command   []string
+}
diff --git a/internal/namespace/namespace_test.go b/internal/namespace/namespace_test.go
new file mode 100644
index 0000000..cfa0e9b
--- /dev/null
+++ b/internal/namespace/namespace_test.go
@@ -0,0 +1,24 @@
+//go:build linux && integration
+
+package namespace
+
+import (
+	"testing"
+)
+
+func TestNamespaceCreation(t *testing.T) {
+	t.Log("Integration Test: Verifying CLONE_NEWUSER and CLONE_NEWNET syscalls")
+	// TODO: Verify that unshare creates a new network namespace
+	// TODO: Verify that the process has root privileges inside the namespace
+}
+
+func TestNamespacePinning(t *testing.T) {
+	t.Log("Integration Test: Verifying bind-mount of namespace to /run/user/$UID/wg-wrap/")
+	// TODO: Verify that the namespace survives after the process exits
+	// TODO: Verify that we can re-join the namespace via setns
+}
+
+func TestRoutingSetup(t *testing.T) {
+	t.Log("Integration Test: Verifying TUN device creation and IP routing table setup")
+	// TODO: Mock 'ip' command or use netlink to verify route exists
+}
diff --git a/internal/wireguard/wireguard_test.go b/internal/wireguard/wireguard_test.go
new file mode 100644
index 0000000..05e0fb7
--- /dev/null
+++ b/internal/wireguard/wireguard_test.go
@@ -0,0 +1,17 @@
+//go:build linux && integration
+
+package wireguard
+
+import (
+	"testing"
+)
+
+func TestWireGuardDeviceBinding(t *testing.T) {
+	t.Log("Integration Test: Verifying binding of userspace WG device to TUN device")
+	// TODO: Initialize a wg-go device and link it to a mock TUN
+}
+
+func TestIpcSetConfiguration(t *testing.T) {
+	t.Log("Integration Test: Verifying IpcSet applies keys and endpoints correctly")
+	// TODO: Verify that configuration updates are reflected in the device state
+}
-- 
cgit v1.2.3