nmcli: add support for managing wireguard peers
Even if WireGuard is supported since long time in NetworkManager, it is still not possible to manage the list of peers via nmcli. The reason is that in the past we wanted to introduce a special syntax that would allow to manage the peer list more easily. However, this requires heavy changes to the nmcli output formatting code, and so it never happened. Since perfection is the enemy of good, abandon the idea of a custom handling of peers and treat them as any other composite property. The property is named "wireguard.peers" and exposes the peers indexed by public key, with optional attributes. Example: $ nmcli connection modify wg0 wireguard.peers "8Wgc1a0jJX3rQULwD5NFFLKrKQnbOnTiaNoerLneG1o= preshared-key=16uGwZvROnwyNGoW6Z3pvJB5GKbd6ncYROA/FFleLQA= allowed-ips=0.0.0.0/0 persistent-keepalive=10" $ nmcli connection modify wg0 +wireguard.peers "fd2NSxUjkaR/Jft15+gpXU13hKSyZLoe4cp+g+feBCc= allowed-ips=192.168.40.0/24 endpoint=172.25.10.1:8888" $ nmcli -g wireguard.peers connection show wg0 8Wgc1a0jJX3rQULwD5NFFLKrKQnbOnTiaNoerLneG1o= allowed-ips=0.0.0.0/0 persistent-keepalive=10, fd2NSxUjkaR/Jft15+gpXU13hKSyZLoe4cp+g+feBCc= allowed-ips=192.168.40.0/24 endpoint=172.25.10.1\:8888 $ nmcli connection modify wg0 -wireguard.peers 8Wgc1a0jJX3rQULwD5NFFLKrKQnbOnTiaNoerLneG1o= $ nmcli -g wireguard.peers connection show wg0 fd2NSxUjkaR/Jft15+gpXU13hKSyZLoe4cp+g+feBCc= allowed-ips=192.168.40.0/24 endpoint=172.25.10.1\:8888
This commit is contained in:
Beniamino Galvani
Reference in New Issue
Block a user