moving vpn to direct configuration

uncloud_net/tasks.py

@@ -8,6 +8,7 @@ import subprocess
 import logging
 import uuid
 
+
 log = logging.getLogger(__name__)
 
 @shared_task
@@ -15,7 +16,30 @@ def whereami():
     print(os.uname())
     return os.uname()
 
-def configure_wireguard_server(wireguardvpnpool):
+@shared_task
+def configure_wireguard_server_on_host(wg_name, config):
+    """
+    - Create wireguard config (DB query -> string)
+    - Submit config to cdist worker
+    - Change config locally on worker / commit / shared
+    """
+
+    # Write config
+    fname = f"/etc/wireguard/{{wg_name}}.conf"
+    with open(fname, "w") as fd:
+        fd.write(config)
+
+    # Ensure the device exists
+    subprocess.run(f"ip link show {{wg_name}} || sudo ip link add {{wg_name}} type wireguard",
+                   shell=True, check=True)
+
+    # Ensure the config is correct
+    subprocess.run(f"sudo wg setconf {{wg_name}} {{fname}}",
+                   shell=True, check=True)
+
+
+
+def configure_wireguard_server_via_cdist(wireguardvpnpool):
     """
     - Create wireguard config (DB query -> string)
     - Submit config to cdist worker
@@ -37,7 +61,7 @@ def cdist_configure_wireguard_server(config, server):
     """
     Create config and configure server.
 
-    To be executed on the cdist workers.
+    To be executed on the cdist worker.
     """
 
     dirname= "/home/app/.cdist/type/__ungleich_wireguard/files/"