Merge pull request #84 from naggie/fixkeepalive

Fix keepalive setting
naggie · Sep 15, 2022 · f4f0549 · f4f0549
2 parents 082e311 + 24986c6
commit f4f0549
Show file tree

Hide file tree

Showing 9 changed files with 80 additions and 64 deletions.
diff --git a/CONFIG.md b/CONFIG.md
@@ -133,11 +133,16 @@ Any other CIDR networks that can be routed through this peer.
 The public key derived from the private key generated by dsnet when the peer
 was added.
 
-            "PresharedKey": "GcUtlze0BMuxo3iVEjpOahKdTf8xVfF8hDW3Ylw5az0="
+            "PresharedKey": "GcUtlze0BMuxo3iVEjpOahKdTf8xVfF8hDW3Ylw5az0=",
 
 The pre-shared key for this peer. The peer has the same key defined as the
 pre-shared key for the server peer. This is optional in wireguard but not for
 dsnet due to the extra (post quantum!) security it provides.
 
+            "PersistentKeepalive": 25
+
+The PersistentKeepalive value for the server in generated client configs, and
+for each peer connected to the server.
+
 
         }
diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 .PHONY: all build compile quick clean
 
-all: build
+all: compile
 
 clean:
 	@rm -r dist

diff --git a/cmd/cli/config.go b/cmd/cli/config.go
@@ -65,6 +65,8 @@ type DsnetConfig struct {
 	PostUp     string
 	PostDown   string
 	Peers      []PeerConfig `validate:"dive"`
+	// used for server and client
+	PersistentKeepalive int `validate:"gte=0,lte=255"`
 }
 
 // LoadConfigFile parses the json config file, validates and stuffs
@@ -81,7 +83,13 @@ func LoadConfigFile() (*DsnetConfig, error) {
 		return nil, err
 	}
 
-	conf := DsnetConfig{}
+	conf := DsnetConfig{
+		// set default for if key is not set. If it is set, this will not be
+		// used _even if value is zero!_
+		// Effectively, this is a migration
+		PersistentKeepalive: 25,
+	}
+
 	err = json.Unmarshal(raw, &conf)
 	if err != nil {
 		return nil, err

diff --git a/cmd/cli/init.go b/cmd/cli/init.go
@@ -34,17 +34,18 @@ func Init() {
 	check(err)
 
 	conf := &DsnetConfig{
-		PrivateKey:    privateKey,
-		ListenPort:    listenPort,
-		Network:       getPrivateNet(),
-		Network6:      getULANet(),
-		Peers:         []PeerConfig{},
-		Domain:        "dsnet",
-		ReportFile:    reportFile,
-		ExternalIP:    externalIPV4,
-		ExternalIP6:   getExternalIP6(),
-		InterfaceName: interfaceName,
-		Networks:      []lib.JSONIPNet{},
+		PrivateKey:          privateKey,
+		ListenPort:          listenPort,
+		Network:             getPrivateNet(),
+		Network6:            getULANet(),
+		Peers:               []PeerConfig{},
+		Domain:              "dsnet",
+		ReportFile:          reportFile,
+		ExternalIP:          externalIPV4,
+		ExternalIP6:         getExternalIP6(),
+		InterfaceName:       interfaceName,
+		Networks:            []lib.JSONIPNet{},
+		PersistentKeepalive: 25,
 	}
 
 	server := GetServer(conf)

diff --git a/cmd/cli/server.go b/cmd/cli/server.go
@@ -8,22 +8,23 @@ import (
 func GetServer(config *DsnetConfig) *lib.Server {
 	fallbackWGBin := viper.GetString("fallback_wg_bin")
 	return &lib.Server{
-		ExternalHostname: config.ExternalHostname,
-		ExternalIP:       config.ExternalIP,
-		ExternalIP6:      config.ExternalIP6,
-		ListenPort:       config.ListenPort,
-		Domain:           config.Domain,
-		InterfaceName:    config.InterfaceName,
-		Network:          config.Network,
-		Network6:         config.Network6,
-		IP:               config.IP,
-		IP6:              config.IP6,
-		DNS:              config.DNS,
-		PrivateKey:       config.PrivateKey,
-		PostUp:           config.PostUp,
-		PostDown:         config.PostDown,
-		FallbackWGBin:    fallbackWGBin,
-		Peers:            jsonPeerToDsnetPeer(config.Peers),
-		Networks:         config.Networks,
+		ExternalHostname:    config.ExternalHostname,
+		ExternalIP:          config.ExternalIP,
+		ExternalIP6:         config.ExternalIP6,
+		ListenPort:          config.ListenPort,
+		Domain:              config.Domain,
+		InterfaceName:       config.InterfaceName,
+		Network:             config.Network,
+		Network6:            config.Network6,
+		IP:                  config.IP,
+		IP6:                 config.IP6,
+		DNS:                 config.DNS,
+		PrivateKey:          config.PrivateKey,
+		PostUp:              config.PostUp,
+		PostDown:            config.PostDown,
+		FallbackWGBin:       fallbackWGBin,
+		Peers:               jsonPeerToDsnetPeer(config.Peers),
+		Networks:            config.Networks,
+		PersistentKeepalive: config.PersistentKeepalive,
 	}
 }
diff --git a/lib/generator.go b/lib/generator.go
@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"text/template"
-	"time"
 )
 
 func getPeerConfTplString(peerType PeerType) (string, error) {
@@ -63,7 +62,6 @@ func GetWGPeerTemplate(peer Peer, peerType PeerType, server Server) (*bytes.Buff
 	err = t.Execute(&templateBuff, map[string]interface{}{
 		"Peer":      peer,
 		"Server":    server,
-		"Keepalive": time.Duration(peer.KeepAlive).Seconds(),
 		"CidrSize":  cidrSize,
 		"CidrSize6": cidrSize6,
 		// vyatta requires an interface in range/format wg0-wg999

diff --git a/lib/peer.go b/lib/peer.go
@@ -24,17 +24,17 @@ const (
 )
 
 type Peer struct {
-	Hostname     string
-	Owner        string
-	Description  string
-	IP           net.IP
-	IP6          net.IP
-	Added        time.Time
-	PublicKey    JSONKey
-	PrivateKey   JSONKey
-	PresharedKey JSONKey
-	Networks     []JSONIPNet
-	KeepAlive    time.Duration
+	Hostname            string
+	Owner               string
+	Description         string
+	IP                  net.IP
+	IP6                 net.IP
+	Added               time.Time
+	PublicKey           JSONKey
+	PrivateKey          JSONKey
+	PresharedKey        JSONKey
+	Networks            []JSONIPNet
+	PersistentKeepalive int
 }
 
 func NewPeer(server *Server, owner string, hostname string, description string) (Peer, error) {
@@ -65,6 +65,8 @@ func NewPeer(server *Server, owner string, hostname string, description string)
 		PrivateKey:   privateKey,
 		PresharedKey: presharedKey,
 		Networks:     []JSONIPNet{},
+		// inherit from server setting, which is derived from config
+		PersistentKeepalive: server.PersistentKeepalive,
 	}
 
 	if len(server.Network.IPNet.Mask) > 0 {

diff --git a/lib/server.go b/lib/server.go
@@ -10,23 +10,24 @@ import (
 )
 
 type Server struct {
-	ExternalHostname string
-	ExternalIP       net.IP
-	ExternalIP6      net.IP
-	ListenPort       int
-	Domain           string
-	InterfaceName    string
-	Network          JSONIPNet
-	Network6         JSONIPNet
-	IP               net.IP
-	IP6              net.IP
-	DNS              net.IP
-	PrivateKey       JSONKey
-	PostUp           string
-	PostDown         string
-	FallbackWGBin    string
-	Peers            []Peer
-	Networks         []JSONIPNet
+	ExternalHostname    string
+	ExternalIP          net.IP
+	ExternalIP6         net.IP
+	ListenPort          int
+	Domain              string
+	InterfaceName       string
+	Network             JSONIPNet
+	Network6            JSONIPNet
+	IP                  net.IP
+	IP6                 net.IP
+	DNS                 net.IP
+	PrivateKey          JSONKey
+	PostUp              string
+	PostDown            string
+	FallbackWGBin       string
+	Peers               []Peer
+	Networks            []JSONIPNet
+	PersistentKeepalive int
 }
 
 func (s *Server) GetPeers() []wgtypes.PeerConfig {

diff --git a/lib/templates.go b/lib/templates.go
@@ -16,7 +16,7 @@ DNS={{ .Server.DNS }}
 PublicKey={{ .Server.PrivateKey.PublicKey.Key }}
 PresharedKey={{ .Peer.PresharedKey.Key }}
 Endpoint={{ .Endpoint }}:{{ .Server.ListenPort }}
-PersistentKeepalive={{ .Keepalive }}
+PersistentKeepalive={{ .Server.PersistentKeepalive }}
 {{ if gt (.Server.Network.IPNet.IP | len) 0 -}}
 AllowedIPs={{ .Server.Network.IPNet.IP }}/{{ .CidrSize }}
 {{ end -}}
@@ -44,7 +44,7 @@ set interfaces wireguard {{ .Wgif }} description {{ .Server.InterfaceName }}
 {{ end }}
 
 set interfaces wireguard {{ .Wgif }} peer {{ .Server.PrivateKey.PublicKey.Key }} endpoint {{ .Endpoint }}:{{ .Server.ListenPort }}
-set interfaces wireguard {{ .Wgif }} peer {{ .Server.PrivateKey.PublicKey.Key }} persistent-keepalive {{ .Keepalive }}
+set interfaces wireguard {{ .Wgif }} peer {{ .Server.PrivateKey.PublicKey.Key }} persistent-keepalive {{ .Server.PersistentKeepalive }}
 set interfaces wireguard {{ .Wgif }} peer {{ .Server.PrivateKey.PublicKey.Key }} preshared-key {{ .Peer.PresharedKey.Key }}
 {{ if gt (.Server.Network.IPNet.IP | len) 0 -}}
 set interfaces wireguard {{ .Wgif }} peer {{ .Server.PrivateKey.PublicKey.Key }} allowed-ips {{ .Server.Network.IPNet.IP }}/{{ .CidrSize }}
@@ -85,7 +85,7 @@ const nixosPeerConf = `networking.wireguard.interfaces = {{ "{" }}
           {{ end -}}
         ];
         endpoint = "{{ .Endpoint }}:{{ .Server.ListenPort }}";
-        persistentKeepalive = {{ .Keepalive }};
+        persistentKeepalive = {{ .Server.PersistentKeepalive }};
       {{ "}" }}
     ];
   {{ "};" }}