Continued use of `wg-quick save` and SaveConfig=true?

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Cc: Mira Ressel <aranea@aixah.de>, A Jones <aaronmdjones@gmail.com>
Subject: Continued use of `wg-quick save` and SaveConfig=true?
Date: Sat, 2 Jan 2021 15:37:09 +0100	[thread overview]
Message-ID: <CAHmME9oGiqbq1LtGtV=-wUu7K4OajdQO+6RiEZFw9jP73zpJ2Q@mail.gmail.com> (raw)

Hi,

I was thinking recently that most people have switched from a model of
updating the runtime configuration and then reading that back into a
config file, to editing the config file and then syncing that with the
runtime config. In other words, people have moved from doing:

# wg set wg0 peer ... allowed-ips ...
# wg-quick save wg0

To doing:

# vim /etc/wireguard/wg0.conf
# wg syncconf wg0 <(wg-quick strip wg0)

I think this is mostly a positive change too in terms of reliability.
Reading back the runtime configuration was always a bit hit or miss,
and I suspect that more times than not people have been confused by
SaveConfig=true.

That raises the question: are there good uses left for SaveConfig=true
and `wg-quick save` that warrant keeping the feature around?
Temporarily caching a roamed endpoint IP, perhaps, but how helpful is
that?

I haven't thought too deeply about this in order to be wedded to one
outcome over the other yet, but seeing some confusion today, again, in
#wireguard over the feature made me wonder.

Any opinions on this? Any one on this list actively use this feature
and see replacements for it (e.g. syncconf) as clearly inferior?

Jason

next             reply	other threads:[~2021-01-02 14:37 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-01-02 14:37 Jason A. Donenfeld [this message]
2021-01-03 19:59 ` Chris Osicki
2021-01-04 16:16   ` Maarten de Vries
2021-01-04 18:41     ` Adrian Larsen
2021-01-04 21:05       ` Maarten de Vries
2021-01-05  0:16         ` Adrian Larsen
2021-01-08 10:42         ` Eicke Herbertz
2021-01-05  2:00       ` Michael B. Williams

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAHmME9oGiqbq1LtGtV=-wUu7K4OajdQO+6RiEZFw9jP73zpJ2Q@mail.gmail.com' \
    --to=jason@zx2c4.com \
    --cc=aaronmdjones@gmail.com \
    --cc=aranea@aixah.de \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).