NAME
WGmeta::Wrapper::Config - Class for interfacing the wireguard configuration
SYNOPSIS
use Wireguard::WGmeta::Wrapper::Config;
my $wg_meta = Wireguard::WGmeta::Wrapper::Config->new('<path to wireguard configuration>');DESCRIPTION
This class provides wrapper-functions around a wireguard configuration parsed by Wireguard::WGmeta::Parser::Config which allow to edit, add and remove interfaces and peers.
CONCURRENCY
Please refer to Wireguard::WGmeta::Wrapper::ConfigT
EXAMPLES
use Wireguard::WGmeta::Wrapper::Config;
my $wg-meta = Wireguard::WGmeta::Wrapper::Config->new('<path to wireguard configuration>');
# set an attribute (non wg-meta attributes forwarded to the original `wg set` command)
wg_meta->set('wg0', 'WG_0_PEER_A_PUBLIC_KEY', '<attribute_name>', '<attribute_value>');
# set an alias for a peer
wg_meta->set('wg0', 'WG_0_PEER_A_PUBLIC_KEY', 'alias', 'some_fancy_alias');
# disable peer (this comments out the peer in the configuration file
wg_meta->disable_by_alias('wg0', 'some_fancy_alias');
# write config (if parameter is set to True, the config is overwritten, if set to False the resulting file is suffixed with '_not_applied'
wg_meta->commit(1);METHODS
new($wireguard_home [, $wg_meta_prefix = '#+', $wg_meta_disabled_prefix = '#-'])
Creates a new instance of this class.
Parameters
$wireguard_homePath to Wireguard configuration files. Make sure the path ends with a `/`.[, $wg_meta_prefix]A custom wg-meta comment prefix, has to begin with either `;` or `#`. It is recommended to not change this setting, especially in a already deployed installation.[, $wg_meta_disabled_prefix]A custom prefix for the commented out (disabled) sections, has to begin with either `;` or `#` and must not be equal with$wg_meta_prefix! (This is enforced and an exception is thrown if violated) It is recommended to not change this setting, especially in an already deployed installation.
Returns
An instance of WGmeta::Wrapper::Config
set($interface, $identifier, $attribute, $value [, $allow_non_meta, $forward_function])
Sets a value on a specific interface section. If attribute_value == $value this sub is essentially a No-Op.
Parameters
$interfaceValid interface identifier (e.g 'wg0')$identifierIf the target section is a peer, this is usually the public key of this peer. If target is an interface, its again the interface name.$attributeAttribute name (Case does not not matter)[$allow_non_meta = FALSE]If set to TRUE, non wg-meta attributes are not forwarded to$forward_function.[$forward_function = undef]A reference to a callback function when$allow_non_meta = TRUE. The following signature is expected:forward_fun($interface, $identifier, $attribute, $value)
Raises
Exception if either the interface or identifier is invalid.
Returns
None
attr_value_is_valid($attribute, $value, $ref_valid_attrs)
Simply calls the validate() function defined in Wireguard::WGmeta::Validator
Parameters
$attributeAttribute name$valueAttribute value$ref_valid_attrsReference to the corresponding Wireguard::WGmeta::Validator section.
Returns
True if validation was successful, False if not
set_by_alias($interface, $alias, $attribute, $value [, $allow_non_meta = FALSE, $forward_function = undef])
Same as "set($interface, $identifier, $attribute, $value [, $allow_non_meta, $forward_function])" - just with alias support.
Raises
Exception if alias is invalid
disable($interface, $identifier)
Disables an interface/peer (by prefixing $wg_meta_disabled_prefix) and setting the wg-meta attribute `Disabled` to 1.
Parameters
$interfaceValid interface name (e.g 'wg0').$identifierA valid identifier: If the target section is a peer, this is usually the public key of this peer. If target is an interface, its again the interface name.
Returns
None
enable($interface, $identifier)
Inverse method if "disable($interface, $identifier)"
disable_by_alias($interface, $alias)
Same as "disable($interface, $identifier)" just with alias support
Raises
Exception if alias is invalid
disable_by_alias($interface, $alias)
Same as "enable($interface, $identifier)"ust with alias support
Raises
Exception if alias is invalid
is_valid_interface($interface)
Checks if an interface name is valid (present in parsed config)
Parameters
$interfaceAn interface name
Returns
True if present, undef if not.
is_valid_identifier($interface, $identifier)
Checks if an identifier is valid for a given interface
Parameters
$interfaceAn interface name$identifierAn identifier (no alias!)
Returns
True if present, undef if not.
translate_alias($interface, $alias)
Translates an alias to a valid identifier.
Parameters
$interfaceA valid interface name (e.g 'wg0').$aliasAn alias to translate
Raises
Exception if alias is invalid
Returns
A valid identifier.
try_translate_alias($interface, $may_alias)
Tries to translate an identifier (which may be an alias). However, unlike "translate_alias($interface, $alias)", no exception is thrown on failure, instead the $may_alias is returned.
Parameters
$interfaceA valid interface name (is not validated)$may_aliasAn identifier which could be a valid alias for this interface
Returns
If the alias is valid for the specified interface, the corresponding identifier is returned, else $may_alias
get_all_conf_files($wireguard_home)
Returns a list of all files in $wireguard_home matching r/.*\.conf$/.
Parameters
$wireguard_homePath to a folder where wireguard configuration files are located
Returns
A reference to a list with absolute paths to the config files (possibly empty)
commit([$is_hot_config = FALSE, $plain = FALSE])
Writes down the parsed config to the wireguard configuration folder
Parameters
[$is_hot_config = FALSE])If set to TRUE, the existing configuration is overwritten. Otherwise, the suffix '_not_applied' is appended to the filename[$plain = FALSE])If set to TRUE, no header is generated
Raises
Exception if: Folder or file is not writeable
Returns
None
get_interface_list()
Return a list of all interfaces.
Returns
A list of all valid interface names. If no interfaces are available, an empty list is returned
get_interface_section($interface, $identifier)
Returns a hash representing a section of a given interface
Parameters
$interfaceValid interface name$identifierValid section identifier
Returns
A hash containing the requested section. If the requested section/interface is not present, an empty hash is returned.
get_section_list($interface)
Returns a list of valid sections of an interface (ordered as in the original config file).
Parameters
$interfaceA valid interface name
Returns
A list of all sections of an interface. If interface is not present, an empty list is returned.
get_interface_fqdn($interface)
Returns the FQDN for an interface (if available)
Parameters
$interfaceA valid interface name
Returns
Value of fqdn attribute or empty string if unavailable.
add_interface($interface_name, $ip_address, $listen_port, $private_key)
Adds a (minimally configured) interface. If more attributes are needed, please set them using the set() method.
Caveat: No validation is performed on the values!
Parameters
$interface_nameA new interface name, must be unique.$ip_addressA string describing the ip net(s) (e.g '10.0.0.0/24, fdc9:281f:04d7:9ee9::2/64')$listen_portThe listen port for this interface.$private_keyA private key for this interface
Raises
An exception if the interface name already exists.
Returns
None
add_peer($interface, $name, $ip_address, $public_key [, $alias, $preshared_key])
Adds a peer to an exiting interface.
Parameters
$interfaceA valid interface.$nameA name for this peer (wg-meta).$ip_addressA string describing the ip-address(es) of this this peer.$public_keyPublic-key for this interface. This becomes the identifier of this peer.[$preshared_key]Optional argument defining the psk.[$alias]Optional argument defining an alias for this peer (wg-meta)
Raises
An exception if either the interface is invalid, the alias is already assigned or the public-key is already present on an other peer.
Returns
A tuple consisting of the iface private-key and listen port
remove_peer($interface, $identifier)
Removes a peer (identified by it's public key or alias) from an interface.
Parameters
$interfaceA valid interface name$identifierA valid identifier (or an alias)
Raises
Exception if interface or identifier is invalid
Returns
None
remove_interface($interface [, $keep_file = FALSE])
Removes an interface. This command deletes the config file immediately. I.e no rollback possible!
Parameters
$interfaceA valid interface name
Raises
Exception if interface or identifier is invalid
Returns
None
get_peer_count([$interface = undef])
Returns the number of peers.
Caveat: Does return the count represented in the current (parsed) configuration state.
Parameters
[$interface = undef]If defined, only return counts for this specific interface
Returns
Number of peers
reload_from_disk($interface [, $new = FALSE])
Method to reload an interface configuration from disk. Also useful to add an newly (externally) created interface on-the-fly.
Parameters
$interfaceA valid interface name[$new = FALSE]If set to True, the parser looks at$wireguard_homefor this new interface config.
Raises
Exception: If the interface is invalid (or the config file is not found)
Returns
None, or undef if $new == True and the interface in fact not a wg config.
register_on_reload_listener($ref_handler, $handler_id [, $ref_listener_args = []])
Register your callback handlers for the reload_from_disk() event here. Your handler is called after the reload happened, is blocking and exceptions are caught in an eval{}; environment.
Parameters
$ref_handlerReference to a handler function. The followin signature is expected:sub my_handler_function($interface, $ref_list_args){ ... }$handler_idAn identifier for you handler function. Must be unique![$ref_listener_args = []]A reference to an argument list for your handler function
Returns
None, exception if $handler_id is already present.
remove_on_reload_listener($handler_id)
Removes a reload callback handler by it's $handler_id.
Parameters
$handler_idA valid handler id
Returns
1 on success, undef on failure.