hmrodrigues
commented
3 years ago @perara do you think that this worth's the time or do you want to keep using the wg command with generated configuration files?
Closed hmrodrigues closed 2 years ago
hmrodrigues
commented
3 years ago @perara do you think that this worth's the time or do you want to keep using the wg command with generated configuration files?
perara
commented
3 years ago No this is excellent! I was looking for similar bindings during the initial writeup. Although its rather early in dev and maintained by 1 person only, its better than how we do it currently and i can imagine that it will be adopted by many others.
In terms of config files, i think it would be wise to have it compliant with regular wg config files so that its trivial to migrate from/to. But it should not be any dealbreaker in terms of using pywireguard
perara
commented
3 years ago Just ping me if you follow this path eventually (if its ready, and ill test it out and hopefully merge it in )
hmrodrigues
commented
3 years ago Hello,
yah I will follow it, I just got busy with some personal stuff, maybe next week I think
gaby
commented
3 years ago @hmrodrigues Any updates on this?
hmrodrigues
commented
3 years ago Hey,
Yah sorry I got some personal stuff on the way and was unable to continue with this. Meanwhile, I will open a new issue against pywirguard since currently it isn't possible to set the peer endpoint
hmrodrigues
commented
3 years ago perara
commented
3 years ago Excellent! I Will watch this and I'm also "out of office" until the new year, but aim to clock in quite a lot of work then as much have happened on the WG front in the recent year.
hmrodrigues
commented
3 years ago I think that it's better to keep using wg-quick while pywireguard doesn't have all the features (at least the ones that the C library supports). Another issue will be the post up/down commands, I don't think that the C library supports it, will pywireguard run them directly?
I will keep an eye on pywireguard to check when this features are available. I can also try to implement them, but my CPython skills are next to none so I prefer to leave it to the peeps that know it.
Another (off) topic, I thought about having different backends. For example, I personally use RouterOS and I would love to have wg-manager feeding tunnels to RouterOS via API. This would be also valid for other systems that have a API available for Wireguard tunnels. What do you think?
Use wireguard C API directly (via pywireguard) instead of generating configuration files and calling wg and wg-quick.
It will also stop requiring to have wg-tools installed on host.