From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Cc: Mira Ressel <aranea@aixah.de>, A Jones <aaronmdjones@gmail.com>
Subject: Continued use of `wg-quick save` and SaveConfig=true?
Date: Sat, 2 Jan 2021 15:37:09 +0100 [thread overview]
Message-ID: <CAHmME9oGiqbq1LtGtV=-wUu7K4OajdQO+6RiEZFw9jP73zpJ2Q@mail.gmail.com> (raw)
Hi,
I was thinking recently that most people have switched from a model of
updating the runtime configuration and then reading that back into a
config file, to editing the config file and then syncing that with the
runtime config. In other words, people have moved from doing:
# wg set wg0 peer ... allowed-ips ...
# wg-quick save wg0
To doing:
# vim /etc/wireguard/wg0.conf
# wg syncconf wg0 <(wg-quick strip wg0)
I think this is mostly a positive change too in terms of reliability.
Reading back the runtime configuration was always a bit hit or miss,
and I suspect that more times than not people have been confused by
SaveConfig=true.
That raises the question: are there good uses left for SaveConfig=true
and `wg-quick save` that warrant keeping the feature around?
Temporarily caching a roamed endpoint IP, perhaps, but how helpful is
that?
I haven't thought too deeply about this in order to be wedded to one
outcome over the other yet, but seeing some confusion today, again, in
#wireguard over the feature made me wonder.
Any opinions on this? Any one on this list actively use this feature
and see replacements for it (e.g. syncconf) as clearly inferior?
Jason
next reply other threads:[~2021-01-02 14:37 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-02 14:37 Jason A. Donenfeld [this message]
2021-01-03 19:59 ` Chris Osicki
2021-01-04 16:16 ` Maarten de Vries
2021-01-04 18:41 ` Adrian Larsen
2021-01-04 21:05 ` Maarten de Vries
2021-01-05 0:16 ` Adrian Larsen
2021-01-08 10:42 ` Eicke Herbertz
2021-01-05 2:00 ` Michael B. Williams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAHmME9oGiqbq1LtGtV=-wUu7K4OajdQO+6RiEZFw9jP73zpJ2Q@mail.gmail.com' \
--to=jason@zx2c4.com \
--cc=aaronmdjones@gmail.com \
--cc=aranea@aixah.de \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).