begin phasing in config of vpn via cdist

uncloud_net/models.py

@@ -53,6 +53,29 @@ class WireGuardVPNPool(models.Model):
     def __str__(self):
         return f"{self.ip_network} (subnets: /{self.subnetwork_mask})"
 
+    @property
+    def wireguard_config(self):
+        wireguard_config = [
+            "[Interface]\nListenPort = 51820\nPrivateKey = {self.wireguard_private_key}\n".format(
+                privatekey=self.wireguard_private_key)
+                            ]
+
+        peers = []
+
+        for vpn in self.wireguardvpn_set.all():
+            public_key = vpn.wireguard_public_key
+            peer_network = "{}/{}".format(vpn.address, self.subnetwork_mask)
+            owner = vpn.owner
+
+            peers.append("# Owner: {owner}\n[Peer]\nPublicKey = {public_key}\nAllowedIPs = {peer_network}\n\n".format(
+                owner=owner,
+                public_key=public_key,
+                peer_network=peer_network))
+
+        wireguard_config.extend(peers)
+
+        return "\n".join(wireguard_config)
+
 
 class WireGuardVPN(models.Model):
     """

uncloud_net/tasks.py

@@ -8,38 +8,30 @@ def whereami():
     print(os.uname())
     return os.uname()
 
+def configure_wireguard_server(wireguardvpnpool):
+    """
+    - Create wireguard config (DB query -> string)
+    - Submit config to cdist worker
+    - Change config locally on worker / commit / shared
+
+    """
+
+    config = wireguardvpnpool.wireguard_config
+    server = wireguardvpnpool.vpn_server_hostname
+
+    print(f"Configuring {vpnpool.vpn_server_hostname}: {osa}")
+    cdist_configure_wireguard_server(config, server):
+
+
 @shared_task
-def configure_wireguard_server(vpnpool):
-    print(f"Configuring {vpnpool.vpn_server_hostname}")
+def cdist_configure_wireguard_server(config, server):
+    """
+    Create config and configure server.
 
-    wireguard_config_filename =  '/etc/wireguard/{}.conf'.format(vpnpool.network)
+    To be executed on the cdist workers.
+    """
 
-    @property
-    def wireguard_config(self):
-        wireguard_config = [
-            """
-[Interface]
-ListenPort = 51820
-PrivateKey = {privatekey}
-""".format(privatekey=self.wireguard_private_key) ]
+    fname = f"/home/app/.cdist/type/__ungleich_wireguard/files/{server}"
 
-        peers = []
-
-        for reservation in self.vpnnetworkreservation_set.filter(status='used'):
-            public_key = reservation.vpnnetwork_set.first().wireguard_public_key
-            peer_network = "{}/{}".format(reservation.address, self.subnetwork_size)
-            owner = reservation.vpnnetwork_set.first().owner
-
-            peers.append("""
-# Owner: {owner}
-[Peer]
-PublicKey = {public_key}
-AllowedIPs = {peer_network}
-""".format(
-    owner=owner,
-    public_key=public_key,
-    peer_network=peer_network))
-
-        wireguard_config.extend(peers)
-
-        return "\n".join(wireguard_config)
+    with open(fname, "w") as fd:
+        fd.write(config)

uncloud_net/views.py

@@ -12,6 +12,7 @@ from .serializers import *
 from .selectors   import *
 from .services    import *
 from .forms       import *
+from .tasks       import *
 
 # class VPNPoolViewSet(viewsets.ModelViewSet):
 #     serializer_class = VPNPoolSerializer
@@ -39,6 +40,7 @@ class WireGuardVPNViewSet(viewsets.ModelViewSet):
             public_key=serializer.validated_data['wireguard_public_key'],
             network_mask=serializer.validated_data['network_mask']
         )
+        configure_wireguard_server.apply_async((vpn.vpnpool,))
         return Response(WireGuardVPNSerializer(vpn).data)