Puppet Function: wireguard::genkey

Defined in:
lib/puppet/functions/wireguard/genkey.rb
Function type:
Ruby 4.x API

Overview

wireguard::genkey(String $name) ⇒ Array

Examples:

Creating private and public key for the interface wg0.

wireguard::genkey('wg0', '/etc/wireguard') => [
  '2N0YBID3tnptapO/V5x3GG78KloA8xkLz1QtX6OVRW8=',
  'Pz4sRKhRMSet7IYVXXeZrAguBSs+q8oAVMfAAXHJ7S8=',
]

Parameters:

  • name (String)

    The interface name.

  • path

    Absolute path to the wireguard key files (default ‘/etc/wireguard’).

Returns:

  • (Array)

    Returns [$private_key, $public_key].



# File 'lib/puppet/functions/wireguard/genkey.rb', line 1

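Puppet::Functions.create_function(:'wireguard::genkey') do
  # Returns an array containing the wireguard private and public key (in this
  # order) for a certain interface. Keys that do not exist yet are generated
  # with /usr/bin/wg and stored as <path>/<name>.key and <path>/<name>.pub.
  #
  # NOTE(review): the private key is returned as a plain String; callers that
  # place it in a resource may want to wrap it in Sensitive so it is redacted
  # from logs and reports - confirm against the calling manifests.
  # @param name The interface name.
  # @param path Absolute path to the wireguard key files (default '/etc/wireguard').
  # @return [Array] Returns [$private_key, $public_key].
  # @example Creating private and public key for the interface wg0.
  #   wireguard::genkey('wg0', '/etc/wireguard') => [
  #     '2N0YBID3tnptapO/V5x3GG78KloA8xkLz1QtX6OVRW8=',
  #     'Pz4sRKhRMSet7IYVXXeZrAguBSs+q8oAVMfAAXHJ7S8=',
  #   ]
  dispatch :genkey do
    required_param 'String', :name
    # The implementation and the documented example take a second argument;
    # without this declaration the dispatcher rejects a two-argument call.
    optional_param 'String', :path
    return_type 'Array'
  end

  # Generates the private key file unless it already exists.
  #
  # A public key left over from an earlier private key is deleted so that
  # gen_pubkey derives a matching one.
  def gen_privkey(private_key_path, public_key_path)
    # File.exists? was removed in Ruby 3.2; File.exist? works on all versions.
    return if File.exist?(private_key_path)

    private_key = Puppet::Util::Execution.execute(['/usr/bin/wg', 'genkey'])
    # Create the file owner-only from the start instead of relying on the
    # process umask, and use EXCL so the create fails rather than writing
    # through a path that appeared (e.g. a symlink) after the check above.
    File.open(private_key_path, File::WRONLY | File::CREAT | File::EXCL, 0o600) do |f|
      f << private_key
    end
    File.delete(public_key_path) if File.exist?(public_key_path)
  end

  # Derives the public key file from the private key unless it already exists.
  def gen_pubkey(private_key_path, public_key_path)
    return if File.exist?(public_key_path)

    # execute only defaults to raising on a non-zero exit when it is called
    # without an options hash; request it explicitly so a failed `wg pubkey`
    # is not persisted as if it were a public key.
    public_key = Puppet::Util::Execution.execute(
      ['/usr/bin/wg', 'pubkey'],
      failonfail: true,
      stdinfile: private_key_path,
    )
    File.open(public_key_path, 'w') do |f|
      f << public_key
    end
  end

  # Entry point: validates the target paths, creates missing keys and returns
  # the contents of both key files as [private_key, public_key].
  #
  # Raises Puppet::ParseError when the name contains a path separator, when a
  # key path is a directory, or when the containing directory is not writable.
  def genkey(name, path = '/etc/wireguard')
    # name becomes part of a file name; a '/' would let it address files
    # outside of path, and is not valid in an interface name anyway.
    raise Puppet::ParseError, "invalid interface name #{name.inspect}" if name.include?('/')

    private_key_path = File.join(path, "#{name}.key")
    public_key_path = File.join(path, "#{name}.pub")
    [private_key_path, public_key_path].each do |key_file|
      raise Puppet::ParseError, "#{key_file} is a directory" if File.directory?(key_file)

      dir = File.dirname(key_file)
      raise Puppet::ParseError, "#{dir} is not writable" unless File.writable?(dir)
    end

    gen_privkey(private_key_path, public_key_path)
    gen_pubkey(private_key_path, public_key_path)
    [File.read(private_key_path), File.read(public_key_path)]
  end
end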