wgconf

Version: v0.0.0-...-b80aebe
Published: May 12, 2022 | License: MIT | Imports: 8 | Imported by: 0

README

wgconf

Package wgconf provides a limited set of WireGuard configuration types that can be marshaled as systemd netdev configuration.

Example

package main

import (
	"fmt"
	"net"

	"github.com/gentlemanautomaton/wgconf"
	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
)

func main() {
	peers := wgconf.PeerList{
		{
			Name:        "Laptop1",
			Description: "alice.laptop",
			PublicKey:   ParseKey("lO/VBDYf0zKo4N+RwnjNsBYMb8Wuw8WUZP00C7CviS0="),
			AllowedIPs:  []net.IPNet{ParseIPNet("10.0.0.1/32")},
		},
		{
			Name:        "Laptop2",
			Description: "bob.laptop",
			PublicKey:   ParseKey("uEVNLxM71801qc3xOYsgvoKjX3AaK6+CV3c8tzjR0iE="),
			AllowedIPs:  []net.IPNet{ParseIPNet("10.0.0.2/32"), ParseIPNet("192.168.0.254/32")},
		},
	}
	fmt.Print(peers.NetDev())
}

func ParseKey(key string) wgtypes.Key {
	k, err := wgtypes.ParseKey(key)
	if err != nil {
		panic(err)
	}
	return k
}

func ParseIPNet(cidr string) net.IPNet {
	_, v, err := net.ParseCIDR(cidr)
	if err != nil {
		panic(err)
	}
	return *v
}

Example Output:

# Laptop1 (alice.laptop)
[WireGuardPeer]
PublicKey=lO/VBDYf0zKo4N+RwnjNsBYMb8Wuw8WUZP00C7CviS0=
AllowedIPs=10.0.0.1/32

# Laptop2 (bob.laptop)
[WireGuardPeer]
PublicKey=uEVNLxM71801qc3xOYsgvoKjX3AaK6+CV3c8tzjR0iE=
AllowedIPs=10.0.0.2/32,192.168.0.254/32

Documentation

Functions

func Compare

func Compare(a, b Peer) int

Compare provides a comparison function for peers. It is used by PeerList to determine its sort order. It returns the following values:

-1: Peer a is less than peer b
 0: Peer a and b are equivalent
 1: Peer a is greater than peer b

Peers are ordered by their allowed IP addresses, in ascending order. The public key is used as a tie breaker for peers lacking addresses.

func ReconcilePeers

func ReconcilePeers(client *wgctrl.Client, device string, oldPeers, newPeers PeerList) error

ReconcilePeers updates the peer list configuration for the given WireGuard device.

The difference between the old peer list and the new peer list is used to determine the set of peer list changes that should be issued. Peers present in the old list but not present in the new list will be removed. Peers that are not present in either list will not be modified.

Types

type AllowedIPs

type AllowedIPs []net.IPNet

AllowedIPs is a slice of network addresses that are assigned to a WireGuard peer.

func (AllowedIPs) String

func (ipnets AllowedIPs) String() string

String returns a comma-separated AllowedIPs string for the given IP networks. Invalid networks will be omitted.

type IPNet

type IPNet net.IPNet

IPNet is an IP Network that can be used to filter peers.

func (IPNet) Contains

func (ipnet IPNet) Contains(p Peer) bool

Contains returns true if all of the peer's allowed IP networks are contained within ipnet.
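An added example, not the package's implementation, of the containment rule that Contains documents, written against the standard library only: a network lies inside another when the address family matches, its prefix is at least as long, and its base address is contained. The names `within` and `allWithin`, the 10.0.0.0/24 filter range, and the choice that a peer with no networks does not match are assumptions.

```go
package main

import (
	"fmt"
	"net"
)

// within reports whether sub lies entirely inside outer: same address family,
// a prefix at least as long, and a base address that outer contains.
func within(outer, sub *net.IPNet) bool {
	oOnes, oBits := outer.Mask.Size()
	sOnes, sBits := sub.Mask.Size()
	return oBits == sBits && sOnes >= oOnes && outer.Contains(sub.IP)
}

// allWithin follows the documented rule: every allowed network of the peer
// must be inside outer. Assumption: a peer with no networks does not match.
func allWithin(outer string, allowed ...string) (bool, error) {
	_, o, err := net.ParseCIDR(outer)
	if err != nil {
		return false, err
	}
	for _, cidr := range allowed {
		_, n, err := net.ParseCIDR(cidr)
		if err != nil {
			return false, err
		}
		if !within(o, n) {
			return false, nil
		}
	}
	return len(allowed) > 0, nil
}

func main() {
	// Constructed checks; the first two reuse the AllowedIPs from the example output.
	for _, allowed := range [][]string{
		{"10.0.0.1/32"},
		{"10.0.0.2/32", "192.168.0.254/32"},
		{"10.0.0.0/8"}, // base address is inside 10.0.0.0/24, the range is not
	} {
		ok, err := allWithin("10.0.0.0/24", allowed...)
		fmt.Println(allowed, ok, err)
	}
}
```

Checking only the base address would accept 10.0.0.0/8 as part of 10.0.0.0/24; the prefix-length comparison is what rejects it.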

type Key

type Key = wgtypes.Key

Key is a public or private key used by WireGuard.

type Peer

type Peer struct {
	Name        string
	Description string
	PublicKey   Key
	AllowedIPs  AllowedIPs
}

Peer is a WireGuard peer.

func (Peer) NetDev

func (p Peer) NetDev() string

NetDev returns the systemd netdev configuration for the peer.

type PeerFilter

type PeerFilter func(Peer) bool

PeerFilter is a filter that can be applied to peers.

type PeerList

type PeerList []Peer

PeerList is a list of WireGuard peers.

func CollectPeers

func CollectPeers(client *wgctrl.Client, device string) (PeerList, error)

CollectPeers returns the current set of WireGuard peers for a device.

func CompareLists

func CompareLists(a, b PeerList) (added, updated, removed, unchanged PeerList)

CompareLists compares a with b and determines the differences.

Peers are uniquely identified by their public key.
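The difference that ReconcilePeers and CompareLists describe, as an added example that is not wgconf's own code: peers are matched by public key, and a peer that is on the device but in neither list is left in place, which makes it worth listing separately. The `peer` type, `diff`, `unmanaged`, the `KEY-*` strings and the reading of "updated" as "same key, other field changed" are assumptions made for this example.

```go
package main

import "fmt"

// peer is a stand-in for wgconf.Peer (key and networks kept as strings).
type peer struct{ Name, PublicKey, AllowedIPs string }

// diff classifies newList against oldList, matching peers by public key.
// Assumption: "updated" means same key, different name or AllowedIPs.
func diff(oldList, newList []peer) (added, updated, removed, unchanged []string) {
	oldByKey, inNew := map[string]peer{}, map[string]bool{}
	for _, p := range oldList {
		oldByKey[p.PublicKey] = p
	}
	for _, p := range newList {
		inNew[p.PublicKey] = true
		if prev, known := oldByKey[p.PublicKey]; !known {
			added = append(added, p.Name)
		} else if prev != p {
			updated = append(updated, p.Name)
		} else {
			unchanged = append(unchanged, p.Name)
		}
	}
	for _, p := range oldList {
		if !inNew[p.PublicKey] {
			removed = append(removed, p.Name)
		}
	}
	return
}

// unmanaged lists device peers in neither list; a reconcile leaves these in place.
func unmanaged(device, oldList, newList []peer) []string {
	extra, _, _, _ := diff(append(append([]peer{}, oldList...), newList...), device)
	return extra
}

// Constructed sample: the device also holds a peer that neither list knows.
var (
	oldPeers = []peer{{"alice", "KEY-A", "10.0.0.1/32"}, {"bob", "KEY-B", "10.0.0.2/32"}}
	newPeers = []peer{{"alice", "KEY-A", "10.0.0.9/32"}, {"carol", "KEY-C", "10.0.0.3/32"}}
	onDevice = append([]peer{{"manual", "KEY-X", "0.0.0.0/0"}}, oldPeers...)
)

func main() {
	fmt.Println(diff(oldPeers, newPeers))
	fmt.Println("unmanaged:", unmanaged(onDevice, oldPeers, newPeers))
}
```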

func (PeerList) Len

func (list PeerList) Len() int

Len returns the number of peers in the list.

func (PeerList) Less

func (list PeerList) Less(i, j int) bool

Less reports whether the peer with index i must sort before the peer with index j. The order is based on the Compare function.

func (PeerList) Match

func (list PeerList) Match(filter PeerFilter) PeerList

Match returns the set of peers that match the given filter.

func (PeerList) NetDev

func (list PeerList) NetDev() string

NetDev returns the systemd netdev configuration for the peers.

func (PeerList) Swap

func (list PeerList) Swap(i, j int)

Swap swaps the peers with indexes i and j.
