nik/FreedomBox
1
0
Fork 0
mirror of https://github.com/freedombox/FreedomBox.git synced 2026-04-29 10:10:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

wireguard: Make setup idempotent

Browse Source 
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This commit is contained in:
James Valleroy 2019-09-17 20:00:54 -04:00
parent aa66a9135c
commit a0ea33d9b6
No known key found for this signature in database
GPG Key ID: 77C0C75E7B650808
1 changed files with 12 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
actions/wireguard
View File

@ -106,15 +106,20 @@ def _generate_key_pair():
def subcommand_setup(_): def subcommand_setup(_):
"""Setup WireGuard.""" """Setup WireGuard."""
# TODO: make idempotent # Create interface.
try:
subprocess.run(['ip', 'link', 'show', SERVER_INTERFACE],
stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL,
check=True)
except subprocess.CalledProcessError:
subprocess.run(
['ip', 'link', 'add', 'dev', SERVER_INTERFACE, 'type',
'wireguard'], check=True)
# create interface if not (PUBLIC_KEY_PATH.exists() and PRIVATE_KEY_PATH.exists()):
subprocess.run( _generate_key_pair()
['ip', 'link', 'add', 'dev', SERVER_INTERFACE, 'type', 'wireguard'],
check=True)
_generate_key_pair()
# Configure interface.
subprocess.run( subprocess.run(
['wg', 'set', SERVER_INTERFACE, 'listen-port', '51820', 'private-key', ['wg', 'set', SERVER_INTERFACE, 'listen-port', '51820', 'private-key',
str(PRIVATE_KEY_PATH)], check=True) str(PRIVATE_KEY_PATH)], check=True)