bundles/wireguard: do not generate PSKs for unmanaged nodes

2024-03-23 10:19:15 +01:00 · 2024-03-23 10:19:15 +01:00 · e6f6229b87
parent 104d1f11bf
commit e6f6229b87
1 changed files with 9 additions and 4 deletions
--- a/bundles/wireguard/metadata.py
+++ b/bundles/wireguard/metadata.py
@ -83,10 +83,15 @@ def peer_psks(metadata):
            'iface': sub('[^a-z0-9-_]+', '_', peer_name)[:12],
        }

-        if node.name < peer_name:
-            peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}')
-        else:
-            peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}')
+        try:
+            repo.get_node(peer_name)
+
+            if node.name < peer_name:
+                peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}')
+            else:
+                peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}')
+        except NoSuchNode:
+            pass

    return {
        'wireguard': {