Make updating wireguard configuration work on 18.04

[chef.git] / cookbooks / networking / recipes / default.rb

diff --git a/cookbooks/networking/recipes/default.rb b/cookbooks/networking/recipes/default.rb
index ac847bfc7cbe58df019246552d671d8e93aa89c1..0f7b2e49ab804f2258c7c6174ab2fcfc68b70bb0 100644 (file)
--- a/cookbooks/networking/recipes/default.rb
+++ b/cookbooks/networking/recipes/default.rb
@@ -210,7 +210,7 @@ if node[:networking][:wireguard][:enabled]
     compile_time true
   end
 
-  node.default[:networking][:wireguard][:public_key] = %x(wg pubkey < /var/lib/systemd/wireguard/private.key)
+  node.default[:networking][:wireguard][:public_key] = %x(wg pubkey < /var/lib/systemd/wireguard/private.key).chomp
 
   file "/var/lib/systemd/wireguard/preshared.key" do
     action :create_if_missing
@@ -226,7 +226,7 @@ if node[:networking][:wireguard][:enabled]
       next unless gateway[:networking][:wireguard] && gateway[:networking][:wireguard][:enabled]
 
       allowed_ips = gateway.interfaces(:role => :internal).map do |interface|
-        "#{interface[:network]}/#{interface[:metric]}"
+        "#{interface[:network]}/#{interface[:prefix]}"
       end
 
       node.default[:networking][:wireguard][:peers] << {
@@ -251,19 +251,35 @@ if node[:networking][:wireguard][:enabled]
     mode "644"
   end
 
-  execute "ip-link-delete-wg0" do
-    action :nothing
-    command "ip link delete wg0"
-    subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
-    only_if { ::File.exist?("/sys/class/net/wg0") }
-  end
+  if node[:lsb][:release].to_f < 20.04
+    execute "ip-link-delete-wg0" do
+      action :nothing
+      command "ip link delete wg0"
+      subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
+      only_if { ::File.exist?("/sys/class/net/wg0") }
+    end
 
-  execute "networkctl-reload" do
-    action :nothing
-    command "networkctl reload"
-    subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
-    subscribes :run, "template[/etc/systemd/network/wireguard.network]"
-    not_if { ENV.key?("TEST_KITCHEN") }
+    service "systemd-networkd" do
+      action :nothing
+      subscribes :restart, "template[/etc/systemd/network/wireguard.netdev]"
+      subscribes :restart, "template[/etc/systemd/network/wireguard.network]"
+      not_if { ENV.key?("TEST_KITCHEN") }
+    end
+  else
+    execute "networkctl-delete-wg0" do
+      action :nothing
+      command "networkctl delete wg0"
+      subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
+      only_if { ::File.exist?("/sys/class/net/wg0") }
+    end
+
+    execute "networkctl-reload" do
+      action :nothing
+      command "networkctl reload"
+      subscribes :run, "template[/etc/systemd/network/wireguard.netdev]"
+      subscribes :run, "template[/etc/systemd/network/wireguard.network]"
+      not_if { ENV.key?("TEST_KITCHEN") }
+    end
   end
 end