Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config re-sync instead of full wireguard restart #316

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

Config re-sync instead of full wireguard restart #316

wants to merge 12 commits into from

Conversation

armisss4
Copy link
Contributor

Created wireguard restart script, which compares wg0.conf part between [Interface] and first peer with previous version for changes, and, if there is any - restarts whole wireguard, if the only changes are done to peers, it calls "wg syncconf", eliminating client disconnection after pressing apply config problem.
Resolves #228, resolves #167

@armisss4
User management
df10417 
More than one user with Manager or Admin permissions can be created from UI
@armisss4
Security fixes
4b5057e 
Patched some security holes with GetUser and UpdateUser, did some minor cleanup
@armisss4
Merge pull request #1 from armisss4/develop
4cc79da 
Merge from development branch
@armisss4
User control patch
93731c3 
Changed available actions done by an admin to itself: admin can no longer remove itself from users list, admin can no longer change its user type to manager.
@armisss4
Merge pull request #2 from armisss4/User-control-patch
f8a1041 
User control patch
@armisss4
Revert "User control patch"
b6eb046
@armisss4
Merge pull request #5 from armisss4/revert-2-User-control-patch
b06eb96 
Revert "User control patch"
@armisss4
Revert "Merge from development branch"
43148ce
@armisss4
Merge pull request #6 from armisss4/revert-1-develop
fdb36e4 
Revert "Merge from development branch"
@armisss4
Changed wgui.service
5986e1a 
Updated wgui.service to only apply changes, that were made to clients. Not fully tested, could cause issues with wg-quick specific options.
@armisss4
Changed wgui.service
aae63d1 
Changed wgui.service to call additional restart-wg.sh file.
@armisss4
Created restart-wg.sh file
09abbdf 
Created wireguard restart script, which compares wg0.conf part between [Interface] and first peer with previous version for changes, and, if there is any - restarts whole wireguard, if the only changes are done to peers, it calls "wg syncconf", eliminating client disconnection after pressing apply config problem.
@systemcrash
Copy link
Contributor

Since you are modifying a bash HEREDOC in the readme, insert a pwd via a shell variable instead of /DIR-TO-RESTART-FILE/ which not everyone will pick up on.

@afzl-wtu
Copy link

Instead of using: ExecStart=/usr/bin/systemctl restart wg-quick@wg0.service

use: ExecStart=/usr/bin/systemctl reload wg-quick@wg0.service

@kornpow
Copy link

kornpow commented Apr 4, 2023

I tried using systemctl reload instead of systemctl restart and reload caused my remote shell to never reconnect, while restart would reconnect after a few seconds.

I like the script though, Im using it on my machine!

I added another little thing to it, since I wanted my wg0.conf to be regenerated from the db each time I run the script.

...
config="/etc/wireguard/wg0.conf"
old_config="/etc/wireguard/wg0.conf.old"

rm $config
systemctl restart wireguard-ui
sleep 5
# Wait for the wg0.conf to be reloaded before continuing on with the script
echo "Config Regenerated"

if [ ! -f $old_config ]; then
...

jakob-tsd added a commit to jakob-tsd/wireguard-ui that referenced this pull request Apr 17, 2023
@jakob-tsd
README.md: use "systemctl reload"
235e7ce 
This fixes two problems:

1) systemctl may not live in /usr/bin/systemctl but in /bin.
This is what I got on my Debian Bullseye that was upgraded over many generations:

	systemd[1]: Starting wg0-reload.service...
	systemd[1609458]: wg0-reload.service: Failed to locate executable /usr/bin/systemctl: No such file or directory
	systemd[1609458]: wg0-reload.service: Failed at step EXEC spawning /usr/bin/systemctl: No such file or directory
	systemd[1]: wg0-reload.service: Main process exited, code=exited, status=203/EXEC
	systemd[1]: wg0-reload.service: Failed with result 'exit-code'.
	systemd[1]: Failed to start wg0-reload.service.

After this change:

	systemd[1]: Starting wg0-reload.service...
	systemd[1]: Reloading WireGuard via wg-quick(8) for wg0.
	systemd[1]: Reloaded WireGuard via wg-quick(8) for wg0.
	systemd[1]: wg0-reload.service: Succeeded.
	systemd[1]: Finished wg0-reload.service.

The docs for ExecStart say

	https://www.freedesktop.org/software/systemd/man/systemd.service.html :

	[...] either an absolute path to an executable or a simple file name without any slashes

So this is OK, and works fine as tested here.

2) Using "reload" instead of "restart" avoids breaking existing
connections.

Supersedes ngoduykhanh#316
Fixes ngoduykhanh#228
Fixes ngoduykhanh#167
@jakob-tsd jakob-tsd mentioned this pull request Apr 17, 2023
Closed
@PizzaProgram
Copy link

PizzaProgram commented May 24, 2023
edited

If I understand this code right, it is fixed to wg0 interface.
But can not handle any other, if the name is not wg0 but wg1 or anyname.at.anytown2.
Right?
Should not be that rather a dynamic config parameter?
(Even the auto-install script is asking for a WireGuard interface name.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
5 participants
@armisss4 @systemcrash @afzl-wtu @kornpow @PizzaProgram