Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[bug] Can't support multiple wireguard tunnels on the same devices #657

Closed
nemesifier opened this issue Jun 15, 2022 · 0 comments · Fixed by #666
Closed

[bug] Can't support multiple wireguard tunnels on the same devices #657

nemesifier opened this issue Jun 15, 2022 · 0 comments · Fixed by #666
Labels
bug
Projects
OpenWISP Priorities for next releases

Comments

@nemesifier
Copy link
Member

I found out a flaw in the wireguard implementation:

openwisp-controller/openwisp_controller/config/base/config.py

Lines 545 to 548 in 8b8de3c

if vpnclient.public_key:
context['public_key'] = vpnclient.public_key
if vpnclient.private_key:
context['private_key'] = vpnclient.private_key

The variables public_key and private_key will be overwritten if there are multiple wireguard tunnels on the same device, with the result that the first wireguard tunnels will not work (only the last applied template will work).

I think we have to do the following:

  • make sure those variables get the UUID of the VPN server as their suffix, as all the other VPN related variables
  • create a data migration to update the variables in the templates:
    • look for all the currently existing VPN-client template which are related to a wireguard or wireguard/vxlan VPN
    • replace {{ public_key }} and {{public_key}} with {{ public_key_<UUID> }}, same for private_key. The UUID should be the UUID of the VPN server related to the VPN-client template
@nemesifier nemesifier added the bug label Jun 15, 2022
@nemesifier nemesifier added this to Backlog in OpenWISP Priorities for next releases via automation Jun 15, 2022
codesankalp added a commit that referenced this issue Jun 17, 2022
@codesankalp
[Fix] Support multiple wireguard tunnels on same device #657
dcd0132 
Closes #657
codesankalp added a commit that referenced this issue Jun 24, 2022
@codesankalp
[Fix] Support multiple wireguard tunnels on same device #657
9b6e1af 
Closes #657
codesankalp added a commit that referenced this issue Jun 24, 2022
@codesankalp
[Fix] Support multiple wireguard tunnels on same device #657
83f027e 
Closes #657
codesankalp added a commit that referenced this issue Jun 24, 2022
@codesankalp
[Fix] Support multiple wireguard tunnels on same device #657
92bb836 
Fixes #657
@codesankalp codesankalp mentioned this issue Jun 24, 2022
Merged
codesankalp added a commit that referenced this issue Jun 24, 2022
@codesankalp
[Fix] Support multiple wireguard tunnels on same device #657
3f52468 
Fixes #657
OpenWISP Priorities for next releases automation moved this from Backlog to Done Jun 24, 2022
nemesifier pushed a commit that referenced this issue Jun 24, 2022
@codesankalp
[fix] Support multiple wireguard tunnels on same device #657
c02d527 
Fixes #657
nemesifier added a commit that referenced this issue Jun 24, 2022
@nemesifier
[fix] Support multiple wireguard tunnels on same device #657
a97284b
@pandafy pandafy mentioned this issue Jul 1, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
OpenWISP Priorities for next releases
  
Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

[Fix] Support multiple wireguard tunnels on same device #657 openwisp/openwisp-controller
1 participant
@nemesifier