diff options
author | Thibault Gérondal <thibault.gerondal@sortlist.com> | 2022-12-30 10:06:11 +0100 |
---|---|---|
committer | Thibault Gérondal <thibault.gerondal@sortlist.com> | 2022-12-30 10:06:11 +0100 |
commit | ef49fb80ca48c4054e413e09bcad42409f2d850b (patch) | |
tree | 3550053b065209757070664480251ff37738a34d /action.yml | |
parent | fix parameter order (diff) | |
download | setup-wireguard-ef49fb80ca48c4054e413e09bcad42409f2d850b.tar.gz setup-wireguard-ef49fb80ca48c4054e413e09bcad42409f2d850b.zip |
Add parameter keepalive
Signed-off-by: Thibault Gérondal <thibault.gerondal@sortlist.com>
Diffstat (limited to 'action.yml')
-rw-r--r-- | action.yml | 34 |
1 files changed, 23 insertions, 11 deletions
@@ -20,6 +20,9 @@ inputs: preshared_key: description: Preshared key required: false + keepalive: + description: Useful for NAT traversal + required: false runs: using: composite @@ -33,6 +36,7 @@ runs: readonly allowed_ips='${{ inputs.allowed_ips }}' readonly private_key='${{ inputs.private_key }}' readonly preshared_key='${{ inputs.preshared_key }}' + readonly keepalive='${{ inputs.keepalive }}' readonly minport=51000 readonly maxport=51999 @@ -69,6 +73,11 @@ runs: PresharedKey=$preshared_key" fi + if [ -n "$keepalive" ]; then + netdev_contents="$netdev_contents + PersistentKeepalive=$keepalive" + fi + local network_contents network_contents=" [Match] @@ -132,19 +141,22 @@ runs: listen-port "$port" \ private-key "$private_key_path" - if [ -z "$preshared_key" ]; then - sudo wg set "$ifname" \ - peer "$endpoint_public_key" \ - endpoint "$endpoint" \ - allowed-ips "$allowed_ips" - else - sudo wg set "$ifname" \ - peer "$endpoint_public_key" \ - preshared-key "$preshared_key_path" \ - endpoint "$endpoint" \ - allowed-ips "$allowed_ips" + additionnal_wg_args=() + + if [ -n "$preshared_key" ]; then + additionnal_wg_args+=("preshared-key \"${preshared_key_path}\"") + fi + + if [ -n "$keepalive" ]; then + additionnal_wg_args+=("persistent-keepalive ${keepalive}") fi + sudo wg set "$ifname" \ + peer "$endpoint_public_key" \ + endpoint "$endpoint" \ + allowed-ips "$allowed_ips" \ + ${additionnal_wg_args[@]} + sudo ip link set "$ifname" up } |