bundles/wireguard: do not generate PSKs for unmanaged nodes
This commit is contained in:
parent
104d1f11bf
commit
e6f6229b87
1 changed files with 9 additions and 4 deletions
|
@ -83,10 +83,15 @@ def peer_psks(metadata):
|
||||||
'iface': sub('[^a-z0-9-_]+', '_', peer_name)[:12],
|
'iface': sub('[^a-z0-9-_]+', '_', peer_name)[:12],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
try:
|
||||||
|
repo.get_node(peer_name)
|
||||||
|
|
||||||
if node.name < peer_name:
|
if node.name < peer_name:
|
||||||
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}')
|
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}')
|
||||||
else:
|
else:
|
||||||
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}')
|
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}')
|
||||||
|
except NoSuchNode:
|
||||||
|
pass
|
||||||
|
|
||||||
return {
|
return {
|
||||||
'wireguard': {
|
'wireguard': {
|
||||||
|
|
Loading…
Reference in a new issue