-rw-r--r-- | action.yml | 34 |
1 files changed, 23 insertions, 11 deletions
@@ -20,6 +20,9 @@ inputs: preshared_key: description: Preshared key required: false + keepalive: + description: Useful for NAT traversal + required: false runs: using: composite @@ -33,6 +36,7 @@ runs: readonly allowed_ips='${{ inputs.allowed_ips }}' readonly private_key='${{ inputs.private_key }}' readonly preshared_key='${{ inputs.preshared_key }}' + readonly keepalive='${{ inputs.keepalive }}' readonly minport=51000 readonly maxport=51999 @@ -69,6 +73,11 @@ runs: PresharedKey=$preshared_key" fi + if [ -n "$keepalive" ]; then + netdev_contents="$netdev_contents + PersistentKeepalive=$keepalive" + fi + local network_contents network_contents=" [Match] @@ -132,19 +141,22 @@ runs: listen-port "$port" \ private-key "$private_key_path" - if [ -z "$preshared_key" ]; then - sudo wg set "$ifname" \ - peer "$endpoint_public_key" \ - endpoint "$endpoint" \ - allowed-ips "$allowed_ips" - else - sudo wg set "$ifname" \ - peer "$endpoint_public_key" \ - preshared-key "$preshared_key_path" \ - endpoint "$endpoint" \ - allowed-ips "$allowed_ips" + additionnal_wg_args=() + + if [ -n "$preshared_key" ]; then + additionnal_wg_args+=("preshared-key \"${preshared_key_path}\"") + fi + + if [ -n "$keepalive" ]; then + additionnal_wg_args+=("persistent-keepalive ${keepalive}") fi + sudo wg set "$ifname" \ + peer "$endpoint_public_key" \ + endpoint "$endpoint" \ + allowed-ips "$allowed_ips" \ + ${additionnal_wg_args[@]} + sudo ip link set "$ifname" up # Add routes for allowed_ips |
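Review bot: The description of the new `keepalive` input in the first hunk does not say what value is expected, so a caller cannot tell the unit or the accepted range. Later hunks pass the value to `PersistentKeepalive=` and to `wg set ... persistent-keepalive`, both of which take an interval in seconds. I would write `description: PersistentKeepalive interval in seconds (1-65535); leave empty to disable`.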
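Review bot: In the second hunk, `readonly keepalive='${{ inputs.keepalive }}'` substitutes the input into the script text before the shell parses it, so a value containing a single quote ends the string and the remainder runs as script. The neighbouring inputs are handled the same way, so this extends the file's existing pattern rather than introducing it. Passing the value through the step's environment keeps it as data: `KEEPALIVE: ${{ inputs.keepalive }}` under `env:` and `readonly keepalive="$KEEPALIVE"` in the script; whether the step already has an `env:` block is not visible in the hunk. The value also reaches `netdev_contents` (third hunk) and `sudo wg set` (fourth hunk) unchecked, and one numeric check after the assignment would cover both: `case "$keepalive" in *[!0-9]*) echo "keepalive must be an integer" >&2; exit 1;; esac`.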
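Review bot: The preshared-key argument is built incorrectly in the rewritten `wg set` call of the fourth hunk. `additionnal_wg_args+=("preshared-key \"${preshared_key_path}\"")` stores a single element with literal quote characters, and the unquoted `${additionnal_wg_args[@]}` then word-splits it, so `wg` is handed a path that still contains the `"` characters and the key is likely not read from the intended file. Store separate words and expand the array quoted: `additionnal_wg_args+=(preshared-key "$preshared_key_path")`, `additionnal_wg_args+=(persistent-keepalive "$keepalive")`, and `"${additionnal_wg_args[@]}"` as the last argument. The unquoted expansion also lets whitespace or glob characters in `keepalive` turn into extra arguments of the `sudo wg set` command. Arrays need bash, and the step's `shell:` and the enclosing function are outside the hunk; if this is inside a function, the array (spelled `additional`) should be declared `local`.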