Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wireguard - not able to create an Instance without Public Key like in official Doc #7229

Closed
2 tasks done
skl283 opened this issue Feb 11, 2024 · 3 comments
Closed
2 tasks done

Wireguard - not able to create an Instance without Public Key like in official Doc #7229

skl283 opened this issue Feb 11, 2024 · 3 comments
Assignees
@AdSchellevis
Labels
cleanup Low impact changes
Milestone
24.7

Comments

@skl283
Copy link

skl283 commented Feb 11, 2024

Important notices

Before you add a new report, we ask you kindly to acknowledge the following:

Describe the bug

The WireGuard new Instance interface requires that the public key be unique and is filled. This check was probably implemented with #7110. This behavior makes sense to prevent duplicate public keys on the same WireGuard instance, but breaks(?) functionality when using some privacy VPN endpoints where none public keys is needed.

The instance - for dialing in - only have a PrivateKey. In the official Documentation its written for AZIRE VPN correct:

https://docs.opnsense.org/manual/how-tos/wireguard-client-azire.html#step-2-setup-wireguard-instance

--> "In the field Private Key insert the value from your text file and leave Public Key empty."

To Reproduce

Steps to reproduce the behavior:

  1. Configure a Wireguard instance. Usind a Text file from a known Provider like azire oder airvpn
  2. fill in the Field - without public key

Environment

Software version used and hardware type if relevant, e.g.:

OPNsense 24.1.1 (amd64).
@skl283
Copy link
Author

skl283 commented Feb 11, 2024

Perhaps this is in addition to #7213 which was also introduced by the check from #7110

@AdSchellevis
Copy link
Member

I think I have been a bit to enthusiastic in #7110, if there should be a constraint on the instance, it should be on private key not public... but dropping it doesn't hurt either. I'll drop the instance constraint and we'll wait if anything else is needed.

The original ticket was about duplicate peers...

@AdSchellevis AdSchellevis self-assigned this Feb 12, 2024
@AdSchellevis AdSchellevis added the cleanup Low impact changes label Feb 12, 2024
@AdSchellevis AdSchellevis added this to the 24.7 milestone Feb 12, 2024
fichtner pushed a commit that referenced this issue Feb 13, 2024
@AdSchellevis @fichtner
VPN: WireGuard: Settings - partial revert e385b1c as constraints shou…
c41b88b 
…ld only apply on peers (not instances). closes #7229

(cherry picked from commit 0fa6e96)
@skl283
Copy link
Author

skl283 commented Feb 21, 2024

thanks for your answer, but my problem still exists and i cant edit my WG Instance in 24.1.2 - i think this issue is a show stopper for using a WG Provider for dial in. I can't add/edit an Instance without pub key!

image

In the doc you describe how to add an azire vpn client setup --> only priv. Key - no Pub Key

AdSchellevis added a commit that referenced this issue Feb 21, 2024
@AdSchellevis
VPN: WireGuard: Settings / Instances - remove duplicate pubkey field …
1218763 
…in model and remove required tag also validate on base64. #7229
fichtner pushed a commit that referenced this issue Feb 27, 2024
@AdSchellevis @fichtner
VPN: WireGuard: Settings / Instances - remove duplicate pubkey field …
50a3aff 
…in model and remove required tag also validate on base64. #7229

(cherry picked from commit 1218763)
fichtner pushed a commit that referenced this issue Mar 12, 2024
@AdSchellevis @fichtner
VPN: WireGuard: Settings - partial revert e385b1c as constraints shou…
4f9def0 
…ld only apply on peers (not instances). closes #7229
fichtner pushed a commit that referenced this issue Mar 12, 2024
@AdSchellevis @fichtner
VPN: WireGuard: Settings / Instances - remove duplicate pubkey field …
40e3b2e 
…in model and remove required tag also validate on base64. #7229
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AdSchellevis AdSchellevis

Labels
cleanup Low impact changes
Milestone
24.7
Development

No branches or pull requests
2 participants
@AdSchellevis @skl283