-
Notifications
You must be signed in to change notification settings - Fork 185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Setting both wireguard_endpoint to "" and wireguard_port to a non default port results in invalid template output #176
Comments
…whilst using a custom port Related to issue githubixx#176
Any reason this is not being addressed? |
I've no test case for it 😉 That means I first need to setup a Molecule test case to be able to reproduce the behavior. I normally want to first see the result in a test environment before I merge something that changes the "core" template. But I don't have that much time to create a Molecule test where I need to guess what values covers the PRs case. So I normally only work on such PRs if I've "too much time" or someone provides a Molecule test case that I can use as a template. |
Understood. I propose to add the "bug" label. |
@daanh432 Can you provide some test variables that helps to reproduce the issue? |
It has to do with some hosts not having a valid endpoint to connect to because they are behind a firewall for example. This is fine within the Wireguard world because of the ability to use persistent keepalive which will allow the reverse connection anyway without it having an endpoint defined. With the template in the main branch at this time, setting the endpoint to an empty string and port to a valid value results in it falling back to So for one of your hosts set the variables as follows (the port value is irrelevant it just needs to be defined):
This will have the unintended output of:
The expected output would be leaving out the Endpoint entirely because we're explicitly telling it to not have an endpoint address. The pull request I opened a while ago splits up the check for defined and empty string. If it is undefined it will still use But if it is defined with an empty string it will leave out the endpoint definition entirely and output In short: as of right now it is only possible to remove the endpoint statement in its entirety by not using a custom port. With the change in #177 it is also possible to remove the endpoint statement when having a globally defined custom port. I would like to help you out with the Molecule test but I have had no available time yet to look into the workings of Molecule. |
This issue has also been mentioned in an earlier PR. So maybe it is more worthwhile to follow up on that pull request instead. |
…nsible-role-wireguard into master Pull request githubixx#177 Closes githubixx#176 Fixed unsetting the Wireguard endpoint whilst using a custom port
I have to comments:
|
Although "old" issue, the proposed change is the solution to the odd (=wrong) template output if wireguard_port is non-default AND wireguard_endpoint is defined as empty string ("", pure client). |
The way the template is built. If you set the wireguard_endpoint host_var to an empty string (meaning that that host shouldn't have an endpoint) the if statements end up with in undesired option.
Whilst having a custom port it is not possible to remove the endpoint by setting the wireguard_endpoint to an empty string.
The text was updated successfully, but these errors were encountered: