wireguard-tools: add uci option to disable wireguard peers

Right now when I want to temporarily disable wg peer I need to delete the entire peer section. This is not such a good solution because I loose the previous configuration of the peer. This patch adds `disabled` option to peer config which causes that the config section is ignored. Signed-off-by: Stepan Henek <stepan.henek@nic.cz> [use $(AUTORELEASE)] Signed-off-by: Paul Spooren <mail@aparcar.org>
musashino-build · Oct 18, 2021 · c4e9940 · c4e9940
1 parent dbb0019
commit c4e9940
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 1 deletion.
diff --git a/package/network/utils/wireguard-tools/Makefile b/package/network/utils/wireguard-tools/Makefile
@@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/kernel.mk
 PKG_NAME:=wireguard-tools
 
 PKG_VERSION:=1.0.20210424
-PKG_RELEASE:=1
+PKG_RELEASE:=$(AUTORELEASE)
 
 PKG_SOURCE:=wireguard-tools-$(PKG_VERSION).tar.xz
 PKG_SOURCE_URL:=https://git.zx2c4.com/wireguard-tools/snapshot/

diff --git a/package/network/utils/wireguard-tools/files/wireguard.sh b/package/network/utils/wireguard-tools/files/wireguard.sh
@@ -26,6 +26,7 @@ proto_wireguard_init_config() {
 proto_wireguard_setup_peer() {
 	local peer_config="$1"
 
+	local disabled
 	local public_key
 	local preshared_key
 	local allowed_ips
@@ -34,6 +35,7 @@ proto_wireguard_setup_peer() {
 	local endpoint_port
 	local persistent_keepalive
 
+	config_get_bool disabled "${peer_config}" "disabled" 0
 	config_get public_key "${peer_config}" "public_key"
 	config_get preshared_key "${peer_config}" "preshared_key"
 	config_get allowed_ips "${peer_config}" "allowed_ips"
@@ -42,6 +44,11 @@ proto_wireguard_setup_peer() {
 	config_get endpoint_port "${peer_config}" "endpoint_port"
 	config_get persistent_keepalive "${peer_config}" "persistent_keepalive"
 
+	if [ "${disabled}" -eq 1 ]; then
+		# skip disabled peers
+		return 0
+	fi
+
 	if [ -z "$public_key" ]; then
 		echo "Skipping peer config $peer_config because public key is not defined."
 		return 0

diff --git a/package/network/utils/wireguard-tools/files/wireguard_watchdog b/package/network/utils/wireguard-tools/files/wireguard_watchdog
@@ -17,16 +17,24 @@
 check_peer_activity() {
   local cfg=$1
   local iface=$2
+  local disabled
   local public_key
   local endpoint_host
   local endpoint_port
   local persistent_keepalive
   local last_handshake
   local idle_seconds
 
+  config_get_bool disabled "${cfg}" "disabled" 0
   config_get public_key "${cfg}" "public_key"
   config_get endpoint_host "${cfg}" "endpoint_host"
   config_get endpoint_port "${cfg}" "endpoint_port"
+
+  if [ "${disabled}" -eq 1 ]; then
+    # skip disabled peers
+    return 0
+  fi
+
   persistent_keepalive=$(wg show ${iface} persistent-keepalive | grep ${public_key} | awk '{print $2}')
 
   # only process peers with endpoints and keepalive set