diff --git a/bundles/wireguard/files/pppd-ip-up b/bundles/wireguard/files/pppd-ip-up new file mode 100644 index 0000000..d61343f --- /dev/null +++ b/bundles/wireguard/files/pppd-ip-up @@ -0,0 +1,12 @@ +#!/bin/bash + +# We need to send some traffic over the wireguard tunnel to make sure +# it gets connected. Easiest way is to simply send some pings to the +# other side. + +% for peer, config in node.metadata.get('wireguard', {}).get('peers', {}).items(): +% for ip in sorted(config['ips']): +# refresh connection to ${peer} ${ip} +/usr/bin/ping -c 4 ${ip.split('/')[0] if '/' in ip else ip} +% endfor +% endfor diff --git a/bundles/wireguard/items.py b/bundles/wireguard/items.py index 0b44ee0..24b8ea7 100644 --- a/bundles/wireguard/items.py +++ b/bundles/wireguard/items.py @@ -27,3 +27,10 @@ files = { 'mode': '0755', }, } + +if node.has_bundle('pppd'): + files['/etc/ppp/ip-up.d/reconnect-wireguard'] = { + 'source': 'pppd-ip-up', + 'content_type': 'mako', + 'mode': '0755', + }