Suggestion: add to the documentation another way to automatically update the configuration without completely restarting the VPN #228
Labels
documentation
Improvements or additions to documentation
Comments
|
I was looking for this solution! Thanks for the heads up. Edit: just tested this, and it works perfectly! |
jakob-tsd
added a commit
to jakob-tsd/wireguard-ui
that referenced
this issue
Apr 17, 2023
This fixes two problems: 1) systemctl may not live in /usr/bin/systemctl but in /bin. This is what I got on my Debian Bullseye that was upgraded over many generations: systemd[1]: Starting wg0-reload.service... systemd[1609458]: wg0-reload.service: Failed to locate executable /usr/bin/systemctl: No such file or directory systemd[1609458]: wg0-reload.service: Failed at step EXEC spawning /usr/bin/systemctl: No such file or directory systemd[1]: wg0-reload.service: Main process exited, code=exited, status=203/EXEC systemd[1]: wg0-reload.service: Failed with result 'exit-code'. systemd[1]: Failed to start wg0-reload.service. After this change: systemd[1]: Starting wg0-reload.service... systemd[1]: Reloading WireGuard via wg-quick(8) for wg0. systemd[1]: Reloaded WireGuard via wg-quick(8) for wg0. systemd[1]: wg0-reload.service: Succeeded. systemd[1]: Finished wg0-reload.service. The docs for ExecStart say https://www.freedesktop.org/software/systemd/man/systemd.service.html : [...] either an absolute path to an executable or a simple file name without any slashes So this is OK, and works fine as tested here. 2) Using "reload" instead of "restart" avoids breaking existing connections. Supersedes ngoduykhanh#316 Fixes ngoduykhanh#228 Fixes ngoduykhanh#167
# for free
to join this conversation on GitHub.
Already have an account?
# to comment
Suggestion: add to the documentation another way to automatically update the configuration with wg syncconf, without completely restarting the VPN.
I use the method for openrc from the documentation, but with a different command in the script in /usr/bin/local/:
wg syncconf wg0 <(wg-quick strip /etc/wireguard/wg0.conf)Advantage: connected clients will not have a temporary disconnection after the configuration update, since the interface will not be removed and added with wg-quick, but the Wireguard settings will be updated.
Disadvantage: since the wg command is used, and not wg-quick, for example, the IP address, the MTU of the Wireguard interface will not be changed. But I think this is not critical for everyone, and even if it is ever needed, it will be possible to restart the VPN manually with wg-quick. And, I think, even this can be solved, automated, at least partially. For example, add commands to the script that get the MTU value from the config and then set it via the "ip link set mtu <<mtu_value>> up dev wg0" command for the WG interface, just like wg-quick does.
The text was updated successfully, but these errors were encountered: