bundles/wireguard: do not generate PSKs for unmanaged nodes

This commit is contained in:
Franzi 2024-03-23 10:19:15 +01:00
parent 104d1f11bf
commit e6f6229b87
Signed by: kunsi
GPG key ID: 12E3D2136B818350

View file

@ -83,10 +83,15 @@ def peer_psks(metadata):
'iface': sub('[^a-z0-9-_]+', '_', peer_name)[:12], 'iface': sub('[^a-z0-9-_]+', '_', peer_name)[:12],
} }
try:
repo.get_node(peer_name)
if node.name < peer_name: if node.name < peer_name:
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}') peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{node.name} wireguard {peer_name}')
else: else:
peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}') peers[peer_name]['psk'] = repo.vault.random_bytes_as_base64_for(f'{peer_name} wireguard {node.name}')
except NoSuchNode:
pass
return { return {
'wireguard': { 'wireguard': {