Relative path for the configuration file was adjusted to refer to the current directory, simplifying file location and enhancing script portability. This change prevents issues when running the script from different directories.
Removed unnecessary os.path.realpath usage for sys.executable in
both manage_hetzner_servers.py and update_local_config.py. This
reduces complexity and potential for errors when resolving paths.
No significant changes to functionality. This change will make
scripts easier to maintain and execute.
Updated the script execution commands to use `sys.executable` instead
of a hard-coded "python" to ensure compatibility with different Python
environments. Additionally, refactored code for better readability
and consistency in formatting, particularly around argument parsing
and error handling in both manage_hetzner_servers.py and
update_local_config.py.
Improves deployment flexibility and code maintainability.
Removed the --provider argument from the command-line parser and set the provider variable directly to "hetzner". Simplifies the script by removing an unnecessary user input field. Relevant for deployments exclusively using Hetzner.
Introduce a new script to manage Hetzner servers which includes capabilities to list, update, and delete servers. The script integrates with the local Wireguard VPN configuration tool, running an update script and subsequently removing old servers. This automates the process, ensuring efficient server management and updated local configurations.
Removed `delete=False, mode='w'` from `TemporaryDirectory` to fix incorrect usage that caused potential errors. Ensures temporary directory is properly cleaned up and simplifies the tempfile creation process. This update improves file handling and stability.
Updated the saving mechanism for temporary configuration files by utilizing a temporary directory instead of a named temporary file. This change streamlines file handling and avoids potential issues related to file name collisions.
Improves reliability of configuration updates by ensuring a cleaner and more isolated temporary workspace, which enhances process safety and consistency.
Introduced a `--config_path` parameter to allow specifying a custom path for the Wireguard configuration file. Defaults to `/etc/wireguard/{interface}.conf` if not provided. This enhances flexibility for different deployment environments and use cases.
Introduce a new script to streamline the process of updating local
Wireguard configuration by automating the replacement of the [Peer]
section. This script executes a remote setup script, reads the existing
config file, replaces the [Peer] section, and applies the updated
configuration seamlessly.
Addresses the need for a more efficient and error-free method to keep
local Wireguard settings in sync with remote server setups, enhancing
reliability and maintainability.
Defer the import of cloud provider libraries (boto3, hcloud,
digitalocean, azure) until they are needed within the respective
server creation functions. This prevents unnecessary imports
when only a subset of providers is used, reducing resource
consumption and avoiding import errors for unused libraries.
Introduced a new `--endpoint-only` argument to the `run` function and CLI, which prints only the Wireguard endpoint (host:port) instead of the full peer configuration. This can be useful for quick access to the endpoint without needing the rest of the configuration details.
Added fallback parameters to config retrieval to prevent exceptions when WireGuard private and preshared keys are missing. This ensures that keys are generated when not provided, improving robustness and preventing potential runtime errors.
Switch to `config.get` for retrieving Wireguard keys to safely handle cases where keys might not be present in the configuration. This change prevents potential crashes due to missing keys and ensures that defaults are generated as needed.
Refactored the code to pass configuration sections as parameters to server creation functions instead of accessing them globally. This enhances modularity and clarity by making function dependencies explicit. Additionally, consolidated configuration reading and argument parsing in the main function, and added a validation step to check for required configuration sections.
This change makes the codebase more maintainable and prepares it for potential future extensions.
Renamed the 'chimpman_config' variable to 'peer_config' for clarity, and updated the print statement to more accurately reflect the content being displayed. This improves code readability and eliminates the use of ambiguous terminology.
No changes to functionality.
Added optional manual configuration for Wireguard private and preshared keys in the configuration file. If these keys are not provided, they will be automatically generated as previously.
This flexibility allows users to specify their own keys, thus integrating custom security needs and syncing with existing setups more seamlessly.
Updated configuration script to include IPv4 rules alongside existing IPv6 rules for iptables. This ensures that both protocols are properly handled, enhancing network versatility and compatibility. Enabled IPv4 forwarding in sysctl to support the new rules.
Introduce a new feature to automate the creation and configuration of WireGuard VPN servers across multiple cloud providers (Hetzner, AWS, DigitalOcean, Azure). Changes include:
- Added a `.gitignore` file to exclude `config.ini` and `venv/`.
- Provided `config.dist.ini` with configuration templates for supported providers.
- Created a `requirements.txt` listing all necessary dependencies.
- Developed `worker.py` to handle server creation, WireGuard setup, and configuration management.
This enhancement simplifies and standardizes VPN server deployment, improving operational efficiency and consistency.
