Hi
I want to automate peer creation in the Wireguard plugin. For this I use the API.
1. I can create a new peer with the API call "/api/wireguard/client/addClient" with JSON
{
  "client": {
    "enabled": "1",
    "name": "WR_Master",
    "pubkey": "user_pubkey",
    "tunneladdress": "10.0.11.50/32",
    "persistentkeepalive": "25"
  }
}
It is ok. Peer is created with uuid "xxxx-xxxx-xxxx"
2. Now I need to enable the new peer in VPN -> Wireguard -> Local -> Peers (Endpoints)
I try to call the API "/api/wireguard/server/set" with JSON
{
  "server": {
    "enabled": "1",
    "peers": {
      "xxxx-xxxx-xxxx": {
        "selected": "1"
      }
    },
    "uuid": "yyyy-yyyy-yyyy"
  }
}
where "yyyy-yyyy-yyyy" is Wireguard server's uuid.
The call ends successfully with message
"Ok. Saved"
Then I make an API call "/api/wireguard/service/reconfigure"
Result - "Ok"
But unfortunately the new peer is unchecked in GUI VPN -> Wireguard -> Local -> Peers (Endpoints)
What am I doing wrong?
To set a single peer active, send
{'server': {'peers': SinglePeerUUID}}
to wireguard/server/setServer/ServerUUID, then SinglePeerUUID gets enabled. To set multiple active:
{'server': {'peers': 'SinglePeerUUID1,SinglePeerUUID2'}}
Take care not to send a JSON array [...], but a string with comma-separated values.
Too sad that such things have to be figured out by trial and error, instead of reading a doc. IMO this belongs on this page: https://docs.opnsense.org/development/api/plugins/wireguard.html
I made a little project which allows making a new Wireguard peer and pushing it to OPNsense: https://github.com/pkoevesdi/wg-keygen-notrust/tree/opnsensebridge, extending the pure conf generator https://github.com/jcarrano/wg-keygen-notrust. It can also be used as a demo for the Wireguard API.
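The setServer request described in the answer above, as an added example that is not part of the original posts or of the linked projects: it builds the path and JSON body with `peers` as one comma-separated string and validates every UUID before it goes into the URL. Assumptions: the helper names and sample UUIDs are constructed, the getServer-style reply shape (`selected` flags per peer) is assumed, and the value sent is assumed to be the complete selection, so peers that are already enabled are sent along with the new one.

```python
import json
import re

UUID_RE = re.compile(
    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$")


def check_uuid(value):
    """Reject anything that is not a plain UUID string (no lists, no path tricks)."""
    if not isinstance(value, str) or not UUID_RE.match(value.lower()):
        raise ValueError(f"not a UUID: {value!r}")
    return value.lower()


def selected_peers(get_server_reply):
    """UUIDs flagged as selected in a getServer-style reply (assumed shape)."""
    peers = get_server_reply["server"]["peers"]
    return [u for u, opt in peers.items() if str(opt.get("selected")) == "1"]


def build_set_server(server_uuid, current, new_peer):
    """Return (path, body) that enables new_peer and keeps `current` enabled."""
    wanted = []
    for uuid in list(current) + [new_peer]:
        uuid = check_uuid(uuid)
        if uuid not in wanted:          # de-duplicate, keep order
            wanted.append(uuid)
    path = f"/api/wireguard/server/setServer/{check_uuid(server_uuid)}"
    # 'peers' must be a single string, not a JSON array
    body = json.dumps({"server": {"peers": ",".join(wanted)}})
    return path, body


# Constructed sample data, not taken from a real firewall.
SERVER = "aaaaaaaa-aaaa-4aaa-8aaa-aaaaaaaaaaaa"
OLD_PEER = "11111111-1111-4111-8111-111111111111"
IDLE_PEER = "22222222-2222-4222-8222-222222222222"
NEW_PEER = "33333333-3333-4333-8333-333333333333"
SAMPLE_REPLY = {"server": {"peers": {
    OLD_PEER: {"value": "laptop", "selected": 1},
    IDLE_PEER: {"value": "phone", "selected": 0},
}}}

if __name__ == "__main__":
    path, body = build_set_server(SERVER, selected_peers(SAMPLE_REPLY), NEW_PEER)
    print("POST", path)
    print(body)
```

The body is then POSTed to the firewall with the API key and secret, followed by the "/api/wireguard/service/reconfigure" call from the question.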