begin phasing in config of vpn via cdist

uncloud_net/tasks.py

@@ -8,38 +8,30 @@ def whereami():
     print(os.uname())
     return os.uname()
 
+def configure_wireguard_server(wireguardvpnpool):
+    """
+    - Create wireguard config (DB query -> string)
+    - Submit config to cdist worker
+    - Change config locally on worker / commit / shared
+
+    """
+
+    config = wireguardvpnpool.wireguard_config
+    server = wireguardvpnpool.vpn_server_hostname
+
+    print(f"Configuring {vpnpool.vpn_server_hostname}: {osa}")
+    cdist_configure_wireguard_server(config, server):
+
+
 @shared_task
-def configure_wireguard_server(vpnpool):
-    print(f"Configuring {vpnpool.vpn_server_hostname}")
+def cdist_configure_wireguard_server(config, server):
+    """
+    Create config and configure server.
 
-    wireguard_config_filename =  '/etc/wireguard/{}.conf'.format(vpnpool.network)
+    To be executed on the cdist workers.
+    """
 
-    @property
-    def wireguard_config(self):
-        wireguard_config = [
-            """
-[Interface]
-ListenPort = 51820
-PrivateKey = {privatekey}
-""".format(privatekey=self.wireguard_private_key) ]
+    fname = f"/home/app/.cdist/type/__ungleich_wireguard/files/{server}"
 
-        peers = []
-
-        for reservation in self.vpnnetworkreservation_set.filter(status='used'):
-            public_key = reservation.vpnnetwork_set.first().wireguard_public_key
-            peer_network = "{}/{}".format(reservation.address, self.subnetwork_size)
-            owner = reservation.vpnnetwork_set.first().owner
-
-            peers.append("""
-# Owner: {owner}
-[Peer]
-PublicKey = {public_key}
-AllowedIPs = {peer_network}
-""".format(
-    owner=owner,
-    public_key=public_key,
-    peer_network=peer_network))
-
-        wireguard_config.extend(peers)
-
-        return "\n".join(wireguard_config)
+    with open(fname, "w") as fd:
+        fd.write(config)