wg-installer: delete old interfaces

Add "wg_check_interfaces" and specify a timeout in the config file.
This allows to delete not used wireguard-interfaces automatically.

For example a cronjob can be installed that calls:
  . /usr/share/wginstaller/wg_functions.sh && wg_check_interfaces

Signed-off-by: Nick Hainke <vincent@systemli.org>

diff --git a/net/wg-installer/wg-server/config/wgserver.conf b/net/wg-installer/wg-server/config/wgserver.conf
index a88a8f94e573875e5396f4f78872585dd2f94402..c68f0d0c05826d51aa7acc7beb5af2dd0c70e6ec 100644 (file)
--- a/net/wg-installer/wg-server/config/wgserver.conf
+++ b/net/wg-installer/wg-server/config/wgserver.conf
@@ -4,3 +4,4 @@ config server
     option base_prefix '2002::/64'
     option wg_key '/root/wg.key'
     option wg_pub '/root/wg.pub'
+    option timeout_handshake '600'

diff --git a/net/wg-installer/wg-server/lib/wg_functions.sh b/net/wg-installer/wg-server/lib/wg_functions.sh
index 65f94e5c2ae787861204a6faf6587c0d57f56384..2d38c60c9f39d133a716dec2c3a04266d2705f4c 100644 (file)
--- a/net/wg-installer/wg-server/lib/wg_functions.sh
+++ b/net/wg-installer/wg-server/lib/wg_functions.sh
@@ -1,6 +1,33 @@
 . /usr/share/libubox/jshn.sh
 . /usr/share/wginstaller/wg.sh
 
+wg_timeout () {
+       local int=$1
+
+       handshake=$(wg show $int latest-handshakes | awk '{print $2}')
+       timeout=$(uci get wgserver.@server[0].timeout_handshake)
+
+       if [ $handshake -ge $timeout ]; then
+               echo "1"
+       else
+               echo "0"
+       fi
+}
+
+wg_check_interface () {
+       local int=$1
+       if [ $(wg_timeout $int) -eq "1" ]; then
+               ip link del dev $int
+       fi
+}
+
+wg_check_interfaces () {
+       wg_interfaces=$(wg show interfaces)
+       for interface in $wg_interfaces; do
+               wg_check_interface $interface
+       done
+}
+
 wg_get_usage () {
        num_interfaces=$(wg show interfaces | wc -w)
        json_init