commitdev · bmonkman · Sep 22, 2020 · Sep 21, 2020 · Sep 22, 2020 · Sep 22, 2020
@@ -137,6 +137,8 @@ resource "kubernetes_deployment" "wireguard" {
       metadata {
         labels = {
           app = "wireguard"
+          # this hash is to update the deployment whenever configmap is updated with new users
+          configmap_version = sha1(data.template_file.vpn_server_conf.rendered)
         }
       }
 

@@ -21,11 +21,11 @@ read name
 # collect keys
 server_public_key=$($EXEC "cat /etc/wireguard/privatekey | wg pubkey")
 client_private_key=$($EXEC "wg genkey")
-client_public_key=$($EXEC "echo -n $client_private_key | wg pubkey")
+client_public_key=$($EXEC "echo -n $client_private_key | wg pubkey | tr -d \"\r\n\f\"")
 
 # get next available IP
 existing_ips=$($EXEC "cat /etc/wireguard/wg0.conf | grep AllowedIPs| cut -d\" \" -f3 | cut -d\"/\" -f1 | sort")
-last_ip=$(echo "$existing_ips" | tr -cd "[:alnum:]." | tail -1)
+last_ip=$(echo "$existing_ips" | tr -cd "[:alnum:].\n" | tail -1)
 next_ip=$last_ip
 while [[ "$existing_ips" =~ "$next_ip" ]]; do
   next_ip=${next_ip%.*}.$((${next_ip##*.}+1))
@@ -45,7 +45,7 @@ echo
 echo "Please modify kubernetes/terraform/environments/<env>/main.tf and append the following line to var.vpn_client_publickeys."
 echo "Then apply the terraform, or ask an administrator to."
 echo
-printf '    ["%s", "%s", "%s"]' "$name" "$next_ip/32" "$client_public_key"
+printf '    ["%s", "%s", "%s"],' "$name" "$next_ip/32" "$client_public_key"
 echo
 echo "After this is done you should be able to open the wireguard client and activate the tunnel."
 echo "You can download the client at https://www.wireguard.com/install/"