From: Guy Godfroy <guy.godfroy@gugod.fr>
To: wireguard@lists.zx2c4.com
Subject: Re: [PATCH] wg-quick: add 'reload' command (wrapper for 'wg syncconf')
Date: Fri, 10 Apr 2020 11:42:29 +0200 [thread overview]
Message-ID: <c9dab5f9-e34b-bf53-c018-b2985c7bdf9a@gugod.fr> (raw)
In-Reply-To: <20200330084157.51834-1-tore@fud.no>
Hello,
I wish this patch could be merged. This would make stuff easier, cleaner
and consistent with a lot of other services.
Guy Godfroy
Le 30/03/2020 à 10:41, Tore Anderson a écrit :
> Also add an ExecReload statement that uses this in the systemd template unit.
>
> Signed-off-by: Tore Anderson <tore@fud.no>
> ---
> src/man/wg-quick.8 | 9 ++++++---
> src/systemd/wg-quick@.service | 1 +
> src/wg-quick/darwin.bash | 17 ++++++++++++++++-
> src/wg-quick/freebsd.bash | 15 ++++++++++++++-
> src/wg-quick/linux.bash | 15 ++++++++++++++-
> src/wg-quick/openbsd.bash | 15 ++++++++++++++-
> 6 files changed, 65 insertions(+), 7 deletions(-)
>
> diff --git a/src/man/wg-quick.8 b/src/man/wg-quick.8reload
> index eca3b48..023805e 100644
> --- a/src/man/wg-quick.8
> +++ b/src/man/wg-quick.8
> @@ -10,6 +10,8 @@ wg-quick - set up a WireGuard interface simply
> |
> .I down
> |
> +.I reload
> +|
> .I save
> |
> .I strip
> @@ -28,9 +30,10 @@ Use \fIup\fP to add and set up an interface, and use \fIdown\fP to tear down and
> an interface. Running \fIup\fP adds a WireGuard interface, brings up the interface with the
> supplied IP addresses, sets up mtu and routes, and optionally runs pre/post up scripts. Running \fIdown\fP
> optionally saves the current configuration, removes the WireGuard interface, and optionally
> -runs pre/post down scripts. Running \fIsave\fP saves the configuration of an existing
> -interface without bringing the interface down. Use \fIstrip\fP to output a configuration file
> -with all
> +runs pre/post down scripts. Running \fIreload\fP synchronises any changes to peers/keys in
> +the config file with an already active interfaces. Running \fIsave\fP saves the configuration
> +of an existing interface without bringing the interface down. Use \fIstrip\fP to output a
> +configuration file with all
> .BR wg-quick (8)-specific
> options removed, suitable for use with
> .BR wg (8).
> diff --git a/src/systemd/wg-quick@.service b/src/systemd/wg-quick@.service
> index 7c5f9d1..a3b89d9 100644
> --- a/src/systemd/wg-quick@.service
> +++ b/src/systemd/wg-quick@.service
> @@ -14,6 +14,7 @@ Type=oneshot
> RemainAfterExit=yes
> ExecStart=/usr/bin/wg-quick up %i
> ExecStop=/usr/bin/wg-quick down %i
> +ExecReload=/usr/bin/wg-quick reload %i
> Environment=WG_ENDPOINT_RESOLUTION_RETRIES=infinity
>
> [Install]
> diff --git a/src/wg-quick/darwin.bash b/src/wg-quick/darwin.bash
> index d9d07cf..a732d6a 100755
> --- a/src/wg-quick/darwin.bash
> +++ b/src/wg-quick/darwin.bash
> @@ -350,6 +350,10 @@ set_config() {
> cmd wg setconf "$REAL_INTERFACE" <(echo "$WG_CONFIG")
> }
>
> +sync_config() {
> + cmd wg syncconf "$REAL_INTERFACE" <(echo "$WG_CONFIG")
> +}
> +
> save_config() {
> local old_umask new_config current_config address cmd
> new_config=$'[Interface]\n'
> @@ -398,7 +402,7 @@ execute_hooks() {
>
> cmd_usage() {
> cat >&2 <<-_EOF
> - Usage: $PROGRAM [ up | down | save | strip ] [ CONFIG_FILE | INTERFACE ]
> + Usage: $PROGRAM [ up | down | reload | save | strip ] [ CONFIG_FILE | INTERFACE ]
>
> CONFIG_FILE is a configuration file, whose filename is the interface name
> followed by \`.conf'. Otherwise, INTERFACE is an interface name, with
> @@ -458,6 +462,13 @@ cmd_down() {
> execute_hooks "${POST_DOWN[@]}"
> }
>
> +cmd_reload() {
> + if ! get_real_interface || [[ " $(wg show interfaces) " != *" $REAL_INTERFACE "* ]]; then
> + die "\`$INTERFACE' is not a WireGuard interface"
> + fi
> + sync_config
> +}
> +
> cmd_save() {
> if ! get_real_interface || [[ " $(wg show interfaces) " != *" $REAL_INTERFACE "* ]]; then
> die "\`$INTERFACE' is not a WireGuard interface"
> @@ -482,6 +493,10 @@ elif [[ $# -eq 2 && $1 == down ]]; then
> auto_su
> parse_options "$2"
> cmd_down
> +elif [[ $# -eq 2 && $1 == reload ]]; then
> + auto_su
> + parse_options "$2"
> + cmd_reload
> elif [[ $# -eq 2 && $1 == save ]]; then
> auto_su
> parse_options "$2"
> diff --git a/src/wg-quick/freebsd.bash b/src/wg-quick/freebsd.bash
> index c390dcc..6eef1f6 100755
> --- a/src/wg-quick/freebsd.bash
> +++ b/src/wg-quick/freebsd.bash
> @@ -333,6 +333,10 @@ set_config() {
> cmd wg setconf "$INTERFACE" <(echo "$WG_CONFIG")
> }
>
> +sync_config() {
> + cmd wg syncconf "$INTERFACE" <(echo "$WG_CONFIG")
> +}
> +
> save_config() {
> local old_umask new_config current_config address cmd
> new_config=$'[Interface]\n'
> @@ -382,7 +386,7 @@ execute_hooks() {
>
> cmd_usage() {
> cat >&2 <<-_EOF
> - Usage: $PROGRAM [ up | down | save | strip ] [ CONFIG_FILE | INTERFACE ]
> + Usage: $PROGRAM [ up | down | reload | save | strip ] [ CONFIG_FILE | INTERFACE ]
>
> CONFIG_FILE is a configuration file, whose filename is the interface name
> followed by \`.conf'. Otherwise, INTERFACE is an interface name, with
> @@ -440,6 +444,11 @@ cmd_down() {
> execute_hooks "${POST_DOWN[@]}"
> }
>
> +cmd_reload() {
> + [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
> + sync_config
> +}
> +
> cmd_save() {
> [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
> save_config
> @@ -464,6 +473,10 @@ elif [[ $# -eq 2 && $1 == down ]]; then
> auto_su
> parse_options "$2"
> cmd_down
> +elif [[ $# -eq 2 && $1 == reload ]]; then
> + auto_su
> + parse_options "$2"
> + cmd_reload
> elif [[ $# -eq 2 && $1 == save ]]; then
> auto_su
> parse_options "$2"
> diff --git a/src/wg-quick/linux.bash b/src/wg-quick/linux.bash
> index 7c2c002..37d6ba8 100755
> --- a/src/wg-quick/linux.bash
> +++ b/src/wg-quick/linux.bash
> @@ -246,6 +246,10 @@ set_config() {
> cmd wg setconf "$INTERFACE" <(echo "$WG_CONFIG")
> }
>
> +sync_config() {
> + cmd wg syncconf "$INTERFACE" <(echo "$WG_CONFIG")
> +}
> +
> save_config() {
> local old_umask new_config current_config address cmd
> [[ $(ip -all -brief address show dev "$INTERFACE") =~ ^$INTERFACE\ +\ [A-Z]+\ +(.+)$ ]] || true
> @@ -293,7 +297,7 @@ execute_hooks() {
>
> cmd_usage() {
> cat >&2 <<-_EOF
> - Usage: $PROGRAM [ up | down | save | strip ] [ CONFIG_FILE | INTERFACE ]
> + Usage: $PROGRAM [ up | down | reload | save | strip ] [ CONFIG_FILE | INTERFACE ]
>
> CONFIG_FILE is a configuration file, whose filename is the interface name
> followed by \`.conf'. Otherwise, INTERFACE is an interface name, with
> @@ -347,6 +351,11 @@ cmd_down() {
> execute_hooks "${POST_DOWN[@]}"
> }
>
> +cmd_reload() {
> + [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
> + sync_config
> +}
> +
> cmd_save() {
> [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
> save_config
> @@ -368,6 +377,10 @@ elif [[ $# -eq 2 && $1 == down ]]; then
> auto_su
> parse_options "$2"
> cmd_down
> +elif [[ $# -eq 2 && $1 == reload ]]; then
> + auto_su
> + parse_options "$2"
> + cmd_reload
> elif [[ $# -eq 2 && $1 == save ]]; then
> auto_su
> parse_options "$2"
> diff --git a/src/wg-quick/openbsd.bash b/src/wg-quick/openbsd.bash
> index 8d458d1..c509e70 100755
> --- a/src/wg-quick/openbsd.bash
> +++ b/src/wg-quick/openbsd.bash
> @@ -313,6 +313,10 @@ set_config() {
> cmd wg setconf "$REAL_INTERFACE" <(echo "$WG_CONFIG")
> }
>
> +sync_config() {
> + cmd wg syncconf "$INTERFACE" <(echo "$WG_CONFIG")
> +}
> +
> save_config() {
> local old_umask new_config current_config address network cmd
> new_config=$'[Interface]\n'
> @@ -361,7 +365,7 @@ execute_hooks() {
>
> cmd_usage() {
> cat >&2 <<-_EOF
> - Usage: $PROGRAM [ up | down | save | strip ] [ CONFIG_FILE | INTERFACE ]
> + Usage: $PROGRAM [ up | down | reload | save | strip ] [ CONFIG_FILE | INTERFACE ]
>
> CONFIG_FILE is a configuration file, whose filename is the interface name
> followed by \`.conf'. Otherwise, INTERFACE is an interface name, with
> @@ -419,6 +423,11 @@ cmd_down() {
> execute_hooks "${POST_DOWN[@]}"
> }
>
> +cmd_reload() {
> + [[ " $(wg show interfaces) " == *" $INTERFACE "* ]] || die "\`$INTERFACE' is not a WireGuard interface"
> + sync_config
> +}
> +
> cmd_save() {
> if ! get_real_interface || [[ " $(wg show interfaces) " != *" $REAL_INTERFACE "* ]]; then
> die "\`$INTERFACE' is not a WireGuard interface"
> @@ -442,6 +451,10 @@ elif [[ $# -eq 2 && $1 == down ]]; then
> auto_su
> parse_options "$2"
> cmd_down
> +elif [[ $# -eq 2 && $1 == reload ]]; then
> + auto_su
> + parse_options "$2"
> + cmd_reload
> elif [[ $# -eq 2 && $1 == save ]]; then
> auto_su
> parse_options "$2"
>
next prev parent reply other threads:[~2020-04-14 8:13 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-30 8:41 Tore Anderson
2020-04-10 9:42 ` Guy Godfroy [this message]
2020-06-02 13:09 ` Tore Anderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c9dab5f9-e34b-bf53-c018-b2985c7bdf9a@gugod.fr \
--to=guy.godfroy@gugod.fr \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).