
[wireguard]: T1650 - cli option to delete default wg key

hagbard-01 committed Sep 10, 2019
1 parent 1017c81 commit db07e6fa76d90eaf80a06729753fb89266437674
Showing with 14 additions and 17 deletions.
  1. +3 −3 op-mode-definitions/wireguard.xml
  2. +2 −5 src/conf_mode/interface-wireguard.py
  3. +9 −9 src/op_mode/wireguard.py
@@ -12,7 +12,7 @@
<properties>
<help>generate a wireguard keypair</help>
</properties>
<command>${vyos_op_scripts_dir}/wireguard.py --genkey</command>
<command>sudo ${vyos_op_scripts_dir}/wireguard.py --genkey</command>
</leafNode>
<leafNode name="preshared-key">
<properties>
@@ -119,9 +119,9 @@
<help>Delete wireguard properties</help>
</properties>
<children>
<tagNode name="named-keypair">
<tagNode name="keypair">
<properties>
<help>Delete wireguard named keypair</help>
<help>Delete a wireguard keypair</help>
<completionHelp>
<script>${vyos_op_scripts_dir}/wireguard.py --listkdir</script>
</completionHelp>
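Review bot: Prefixing the `--genkey` command with `sudo` means the key directory and `private.key` are now created by root, and nothing visible in this commit shows the mode they are created with. genkey() lies outside the shown hunks, so please confirm the private key file ends up readable by its owner only, for example by wrapping the key write in a temporary `os.umask(0o077)`. Otherwise the file inherits whatever umask the sudo environment provides.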
@@ -31,7 +31,6 @@

kdir = r'/config/auth/wireguard'


def check_kmod():
if not os.path.exists('/sys/module/wireguard'):
sl.syslog(sl.LOG_NOTICE, "loading wirguard kmod")
@@ -55,7 +54,7 @@ def get_config():
'fwmark': 0x00,
'mtu': 1420,
'peer': {},
'pk': '{}/private.key'.format(kdir)
'pk' : '{}/default/private.key'.format(kdir)
}
}

@@ -81,8 +80,7 @@ def get_config():
if c.exists(ifname + ' mtu'):
config_data[ifname]['mtu'] = c.return_value(ifname + ' mtu')
if c.exists(ifname + ' private-key'):
config_data[ifname]['pk'] = "{0}/{1}/private.key".format(
kdir, c.return_value(ifname + ' private-key'))
config_data[ifname]['pk'] = "{0}/{1}/private.key".format(kdir,c.return_value(ifname + ' private-key'))
if c.exists(ifname + ' peer'):
for p in c.list_nodes(ifname + ' peer'):
if not c.exists(ifname + ' peer ' + p + ' disable'):
@@ -113,7 +111,6 @@ def get_config():

return config_data


def verify(c):
if not c:
return None
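Review bot: The default `'pk'` now points at `{kdir}/default/private.key`, but nothing in this commit relocates a key that an earlier release generated at `{kdir}/private.key`, so an interface without an explicit `private-key` would reference a missing file after upgrade. verify() continues outside this hunk; if it does not already do so, it should fail the commit early with something like `if not os.path.isfile(c[ifname]['pk']): raise ConfigError('wireguard private key not found')` (assuming ConfigError is imported here as it is in op_mode/wireguard.py), or the upgrade path should move the old key. As a style point, `'pk' :` and `format(kdir,c.return_value(...))` drop the PEP 8 spacing that the neighbouring lines use.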
@@ -91,18 +91,16 @@ def genpsk():

subprocess.call(['wg genpsk'], shell=True)


def list_key_dirs():
""" lists all dirs under /config/auth/wireguard """
""" lists all dirs under /config/auth/wireguard """
if os.path.exists(dir):
nks = next(os.walk(dir))[1]
for nk in nks:
print (nk)


def del_key_dir(kname):
""" deletes /config/auth/wireguard/<kname> """
kdir = "{0}/{1}".format(dir, kname)
kdir = "{0}/{1}".format(dir,kname)
if not os.path.isdir(kdir):
print ("named keypair {} not found".format(kname))
return 1
@@ -133,24 +131,26 @@ def del_key_dir(kname):
if args.location:
genkey("{0}/{1}".format(dir, args.location))
else:
genkey(dir)

genkey("{}/default".format(dir))
if args.showpub:
if args.location:
showkey("{0}/{1}/public.key".format(dir, args.location))
else:
showkey("{}/public.key".format(dir))
showkey("{}/default/public.key".format(dir))
if args.showpriv:
if args.location:
showkey("{0}/{1}/private.key".format(dir, args.location))
else:
showkey("{}/private".format(dir))
showkey("{}/default/private.key".format(dir))
if args.genpsk:
genpsk()
if args.listkdir:
list_key_dirs()
if args.delkdir:
del_key_dir(args.location)
if args.location:
del_key_dir(args.location)
else:
del_key_dir("default")

except ConfigError as e:
print(e)
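Review bot: `del_key_dir()` joins `kname` straight into `"{0}/{1}".format(dir,kname)`, and the genkey/showkey branches do the same with `args.location`, with no check that the resulting path stays inside the wireguard key directory. Since the op-mode definition now invokes this script through sudo for at least `--genkey`, a name containing a path separator or `..` would be resolved as root outside that directory. I would reject such names before building the path, e.g. `if kname in ('', '.', '..') or os.path.basename(kname) != kname:` followed by an error message and `return 1`. The rest of del_key_dir() is outside this hunk, and its `return 1` is discarded by the caller in the `args.delkdir` branch, so a failed delete does not appear to change the exit status.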
