search

cmulk / wireguard-docker

Wireguard setup in Docker meant for a simple personal VPN
345 stars 92 forks source link

Watch for configuration changes #24

Closed marier-nico closed 3 years ago

marier-nico commented 3 years ago

This PR enables watching and waiting for an interface configuration change so that wireguard is automatically restarted every time its configuration changes. My use-case for this is that I want to use a GUI to manage my wireguard clients. However, the GUI I want to use (https://github.com/vx3r/wg-gen-web) does not make any attempt at restarting wireguard when it modifies a configuration file, which I think makes sense. However, I still didn't want to manually restart wireguard every time I made a change in the GUI, because that somewhat defeats the purpose of having a GUI in the first place.

The wg-gen-web project suggests a few solutions, the simplest of which is what I've implemented here (https://github.com/vx3r/wg-gen-web#using-inotifywait for details).

I've tested the debian buster image and it works very well. Perhaps additional testing would be required for the other two image variants, but I'm fairly confident that it would also work as expected.

I could have opened an issue beforehand to discuss whether or not this was useful to submit as a PR or not, but I was going to do it for myself anyway, so I figured I might as well submit a PR! If this is not useful or something is missing, either just decline the PR or let me know, I'd be happy to find a solution that works for everyone :smile:

cmulk commented 3 years ago

I like it! Nice and simple. One thing I would like you to add before I merge it though is to make it optional with an environment variable flag (kind of like the IPTABLES_MASQ). I think I would like to have it off by default, then we don't mess up anyone that is not expecting this functionality. Can you add that in?

Thanks!

marier-nico commented 3 years ago

Glad you like it!

I changed it so that if the WATCH_CHANGES env variable is set to anything, wireguard gets restarted when there's a change.

marier-nico commented 3 years ago

Do you think you'd be able to test it yourself to see if it works how you expect before merging? :smile:

cmulk commented 3 years ago

I made a couple more updates to make the WATCH_CHANGES option consistent with how IPTABLES_MASQ works (Your way works perfectly fine, I just would like them to be consistent).

Yes, I will test it out a bit now before merging!

marier-nico commented 3 years ago

No problem at all, consistency is important as well!

cmulk commented 3 years ago

tested out some today and looks good to me, merged and rebuilding images, thanks again!

marier-nico commented 3 years ago

Awesome, thanks for merging this in! :smile: