wg-manager icon indicating copy to clipboard operation
wg-manager copied to clipboard
verified publisher icon perara

[WIP] use pywireguard instead of calling wg and wg-quick

Open hmrodrigues opened this issue 4 years ago • 9 comments

Use wireguard C API directly (via pywireguard) instead of generating configuration files and calling wg and wg-quick.

It will also stop requiring to have wg-tools installed on host.

hmrodrigues avatar Jul 17 '21 21:07 hmrodrigues

@perara do you think that this worth's the time or do you want to keep using the wg command with generated configuration files?

hmrodrigues avatar Jul 19 '21 14:07 hmrodrigues

No this is excellent! I was looking for similar bindings during the initial writeup. Although its rather early in dev and maintained by 1 person only, its better than how we do it currently and i can imagine that it will be adopted by many others.

In terms of config files, i think it would be wise to have it compliant with regular wg config files so that its trivial to migrate from/to. But it should not be any dealbreaker in terms of using pywireguard

perara avatar Jul 19 '21 19:07 perara

Just ping me if you follow this path eventually (if its ready, and ill test it out and hopefully merge it in )

perara avatar Aug 17 '21 02:08 perara

Hello,

yah I will follow it, I just got busy with some personal stuff, maybe next week I think

hmrodrigues avatar Aug 17 '21 19:08 hmrodrigues

@hmrodrigues Any updates on this?

gaby avatar Sep 15 '21 23:09 gaby

Hey,

Yah sorry I got some personal stuff on the way and was unable to continue with this. Meanwhile, I will open a new issue against pywirguard since currently it isn't possible to set the peer endpoint

hmrodrigues avatar Sep 24 '21 17:09 hmrodrigues

https://github.com/inloco/pywireguard/issues/1

hmrodrigues avatar Sep 24 '21 17:09 hmrodrigues

Excellent! I Will watch this and I'm also "out of office" until the new year, but aim to clock in quite a lot of work then as much have happened on the WG front in the recent year.

perara avatar Sep 24 '21 18:09 perara

I think that it's better to keep using wg-quick while pywireguard doesn't have all the features (at least the ones that the C library supports). Another issue will be the post up/down commands, I don't think that the C library supports it, will pywireguard run them directly?

I will keep an eye on pywireguard to check when this features are available. I can also try to implement them, but my CPython skills are next to none so I prefer to leave it to the peeps that know it.

Another (off) topic, I thought about having different backends. For example, I personally use RouterOS and I would love to have wg-manager feeding tunnels to RouterOS via API. This would be also valid for other systems that have a API available for Wireguard tunnels. What do you think?

hmrodrigues avatar Sep 27 '21 17:09 hmrodrigues