Introduce a new script to manage Hetzner servers which includes capabilities to list, update, and delete servers. The script integrates with the local Wireguard VPN configuration tool, running an update script and subsequently removing old servers. This automates the process, ensuring efficient server management and updated local configurations.
Removed `delete=False, mode='w'` from `TemporaryDirectory` to fix incorrect usage that caused potential errors. Ensures temporary directory is properly cleaned up and simplifies the tempfile creation process. This update improves file handling and stability.
Updated the saving mechanism for temporary configuration files by utilizing a temporary directory instead of a named temporary file. This change streamlines file handling and avoids potential issues related to file name collisions.
Improves reliability of configuration updates by ensuring a cleaner and more isolated temporary workspace, which enhances process safety and consistency.
Introduced a `--config_path` parameter to allow specifying a custom path for the Wireguard configuration file. Defaults to `/etc/wireguard/{interface}.conf` if not provided. This enhances flexibility for different deployment environments and use cases.
Introduce a new script to streamline the process of updating local
Wireguard configuration by automating the replacement of the [Peer]
section. This script executes a remote setup script, reads the existing
config file, replaces the [Peer] section, and applies the updated
configuration seamlessly.
Addresses the need for a more efficient and error-free method to keep
local Wireguard settings in sync with remote server setups, enhancing
reliability and maintainability.
Defer the import of cloud provider libraries (boto3, hcloud,
digitalocean, azure) until they are needed within the respective
server creation functions. This prevents unnecessary imports
when only a subset of providers is used, reducing resource
consumption and avoiding import errors for unused libraries.
Introduced a new `--endpoint-only` argument to the `run` function and CLI, which prints only the Wireguard endpoint (host:port) instead of the full peer configuration. This can be useful for quick access to the endpoint without needing the rest of the configuration details.
Added fallback parameters to config retrieval to prevent exceptions when WireGuard private and preshared keys are missing. This ensures that keys are generated when not provided, improving robustness and preventing potential runtime errors.
Switch to `config.get` for retrieving Wireguard keys to safely handle cases where keys might not be present in the configuration. This change prevents potential crashes due to missing keys and ensures that defaults are generated as needed.
Refactored the code to pass configuration sections as parameters to server creation functions instead of accessing them globally. This enhances modularity and clarity by making function dependencies explicit. Additionally, consolidated configuration reading and argument parsing in the main function, and added a validation step to check for required configuration sections.
This change makes the codebase more maintainable and prepares it for potential future extensions.
Renamed the 'chimpman_config' variable to 'peer_config' for clarity, and updated the print statement to more accurately reflect the content being displayed. This improves code readability and eliminates the use of ambiguous terminology.
No changes to functionality.
Added optional manual configuration for Wireguard private and preshared keys in the configuration file. If these keys are not provided, they will be automatically generated as previously.
This flexibility allows users to specify their own keys, thus integrating custom security needs and syncing with existing setups more seamlessly.
Updated configuration script to include IPv4 rules alongside existing IPv6 rules for iptables. This ensures that both protocols are properly handled, enhancing network versatility and compatibility. Enabled IPv4 forwarding in sysctl to support the new rules.
Introduce a new feature to automate the creation and configuration of WireGuard VPN servers across multiple cloud providers (Hetzner, AWS, DigitalOcean, Azure). Changes include:
- Added a `.gitignore` file to exclude `config.ini` and `venv/`.
- Provided `config.dist.ini` with configuration templates for supported providers.
- Created a `requirements.txt` listing all necessary dependencies.
- Developed `worker.py` to handle server creation, WireGuard setup, and configuration management.
This enhancement simplifies and standardizes VPN server deployment, improving operational efficiency and consistency.