diff options
-rw-r--r-- | CHANGELOG.md | 13 | ||||
-rw-r--r-- | Cargo.toml | 2 | ||||
-rw-r--r-- | dist/systemd/wgconfd-state@.service | 10 | ||||
-rw-r--r-- | dist/systemd/wgconfd@.service | 7 |
4 files changed, 27 insertions, 5 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 8bb3511..fbb7e29 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,16 @@ +v0.2.0 +--- + +- Peer overrides can be specified in the main configuration file. An override +for a specific public key can contain a preshared key and can restrict the +source that can define the peer. + +- The systemd service has been split in two. Restarting `wgconfd-state@.service` +also wipes the state. This service should be marked as `PartOf=` the service +that manages the interface. `wgconfd@.service` itself is +`PartOf=wgconfd-state@.service`. + + v0.1.2 --- @@ -1,6 +1,6 @@ [package] name = "wgconfd" -version = "0.1.2" +version = "0.2.0" edition = "2018" authors = [ "Hristo Venev <hristo@venev.name>" ] license = "LGPL-3.0" diff --git a/dist/systemd/wgconfd-state@.service b/dist/systemd/wgconfd-state@.service new file mode 100644 index 0000000..6aed8e8 --- /dev/null +++ b/dist/systemd/wgconfd-state@.service @@ -0,0 +1,10 @@ +[Unit] +Description=WireGuard runtime state for %i + +[Service] +Type=oneshot +ExecStart=/bin/true +RemainAfterExit=true +RuntimeDirectory=wgconfd/%i +RuntimeDirectoryMode=0700 +RuntimeDirectoryPreserve=no diff --git a/dist/systemd/wgconfd@.service b/dist/systemd/wgconfd@.service index 3b85809..971681d 100644 --- a/dist/systemd/wgconfd@.service +++ b/dist/systemd/wgconfd@.service @@ -1,7 +1,8 @@ [Unit] Description=WireGuard configuration daemon on %i Wants=network.target -After=network-pre.target +Requires=wgconfd-state@%i.service +After=network-pre.target wgconfd-state@%i.service Before=network.target [Service] @@ -9,11 +10,9 @@ Type=simple CapabilityBoundingSet=CAP_NET_ADMIN Restart=on-failure RestartSec=0 -RuntimeDirectory=wgconfd/%i -RuntimeDirectoryMode=0700 -RuntimeDirectoryPreserve=yes CacheDirectory=wgconfd/%i CacheDirectoryMode=0700 +Environment=RUNTIME_DIRECTORY=%t/wgconfd/%i ExecStart=/usr/bin/env wgconfd %i /etc/wireguard/%i.toml StandardError=journal SyslogLevelPrefix=true |