From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id GA2DAgLvWmRlFgAASxT56A (envelope-from ) for ; Wed, 10 May 2023 03:10:26 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:bcc0::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id kI5/AgLvWmSNigAA9RJhRA (envelope-from ) for ; Wed, 10 May 2023 03:10:26 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8DD4A39923 for ; Wed, 10 May 2023 03:10:25 +0200 (CEST) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pwYLI-0003ax-Um; Tue, 09 May 2023 21:10:08 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pwYLD-0003a5-2n for guix-patches@gnu.org; Tue, 09 May 2023 21:10:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pwYLC-0005Ch-JV for guix-patches@gnu.org; Tue, 09 May 2023 21:10:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1pwYLC-0006RQ-DG for guix-patches@gnu.org; Tue, 09 May 2023 21:10:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#63402] [PATCH 0/1] Add a dynamic IP monitoring option to Wireguard service Resent-From: Maxim Cournoyer Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Wed, 10 May 2023 01:10:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 63402 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 63402@debbugs.gnu.org, maxim.cournoyer@gmail.com X-Debbugs-Original-To: guix-patches@gnu.org, maxim.cournoyer@gmail.com Received: via spool by submit@debbugs.gnu.org id=B.168368096824698 (code B ref -1); Wed, 10 May 2023 01:10:02 +0000 Received: (at submit) by debbugs.gnu.org; 10 May 2023 01:09:28 +0000 Received: from localhost ([127.0.0.1]:44834 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pwYKW-0006Q9-IJ for submit@debbugs.gnu.org; Tue, 09 May 2023 21:09:28 -0400 Received: from lists.gnu.org ([209.51.188.17]:34282) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1pwYKS-0006Ps-4q for submit@debbugs.gnu.org; Tue, 09 May 2023 21:09:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pwYKR-0003WZ-UN for guix-patches@gnu.org; Tue, 09 May 2023 21:09:15 -0400 Received: from mail-qv1-xf2d.google.com ([2607:f8b0:4864:20::f2d]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1pwYKL-000550-SY for guix-patches@gnu.org; Tue, 09 May 2023 21:09:12 -0400 Received: by mail-qv1-xf2d.google.com with SMTP id 6a1803df08f44-619ca08c166so32060236d6.1 for ; Tue, 09 May 2023 18:09:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1683680948; x=1686272948; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=ateTvMa5FVjUhneHfMXPWTJ+mEW1oJMct3wYvjdr1hE=; b=Pkv7ZmVbEcEdqz04vHZmdy9cuLr7JYENH4qhHXQLSF0+WXoFCb07XC0foFBYbjMyS4 PpkKIjlTBEZkUPIX5tZpUJiVwt/exB5bvnvFW5OPYrdpb7iPAZCo2dV7luK58uXslklJ yszX6bL2WlAzsiNdycwCGuxh/xfiAax9tN9YEZZY2Z87kBqFO5LG1qxHvh09m8RxIypg zRty2bw+Ycz3mIlutIZMgT/mHKJnJxUid8GZCThhYni0rIvmnx31ThDsmpvNOiygpqHT HDW+OrvJkZT98iKZS7rHf5wWXrUPHPZX0YB5m2ziTJb+UOsukpsIwiX8jWrZSu2jyu0T OEWQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1683680948; x=1686272948; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=ateTvMa5FVjUhneHfMXPWTJ+mEW1oJMct3wYvjdr1hE=; b=FtNZuj7yHnBH1+dggX+Slj+7/PlgD6G8P7g5F72q6BOVKrDfZmFM4w6E1mhIlgUyuk NLiA4KpnfXc4L0a/ebWHpoqXgB7EA66dw3nd68URwJy6WW1OrikDfWBhQtjk/KOjaGEz FIQ77WOTQDH6Q6sm+jIapnV9CgN5zYLyiepHeH/6PMPzJuLeU437TI7jJdcJhouug/Iy oZ/7tWIyfgn3XjJQi1zjdBUHqZbclZGu2pVcbdxIiRK27aBfJVvyFjv9qrYX3MacQxKi dRaMTAoT8rbant0wzf90qfWKq8/Tcakbl35cIaouisES0DEsQYbtUfAOhxr7foYUbGNB /kDQ== X-Gm-Message-State: AC+VfDxCtzqomEXLriqaCTaQZ3l0uPpY2vLRcX1QIj56PuQwIcZ2frXp FUfkURr3OOcaRtEA4KuLeeLrKlZeFc0= X-Google-Smtp-Source: ACHHUZ7vWmQNSTS7sEwkxSvCzpiPVbpuYUGq57XxKL/OJYxcPMXyeWBkqCX0HdpCvGkoZShXJbK+Rw== X-Received: by 2002:a05:6214:f26:b0:5f0:23be:a302 with SMTP id iw6-20020a0562140f2600b005f023bea302mr27388791qvb.9.1683680948353; Tue, 09 May 2023 18:09:08 -0700 (PDT) Received: from localhost.localdomain (dsl-156-94.b2b2c.ca. [66.158.156.94]) by smtp.gmail.com with ESMTPSA id z29-20020ac8431d000000b003f3941ba4d9sm972632qtm.32.2023.05.09.18.09.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 09 May 2023 18:09:07 -0700 (PDT) From: Maxim Cournoyer Date: Tue, 9 May 2023 21:08:59 -0400 Message-Id: X-Mailer: git-send-email 2.39.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Received-SPF: pass client-ip=2607:f8b0:4864:20::f2d; envelope-from=maxim.cournoyer@gmail.com; helo=mail-qv1-xf2d.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US ARC-Seal: i=1; s=key1; d=yhetil.org; t=1683681025; a=rsa-sha256; cv=none; b=E5kEr1/qvmprk+37HPX5ti8K/mZ7fegePddtakgkIOiEN1jUYFka0ybTVIyp9oL9kHuEFZ HNPMH20W+YrcgQvc65crel7Fac3hq+0vhlObFSgz2xK72x3nItHLsCEAp5Q2TRdBdA4j2s Pd0Na4L17hvg5RAwxZ8a1SmHIDJhiThuZ+gDRsKu3wXb9kAZRvIp1bagPcZVvpgxK1sj4Q Ipgo01odElbw8ndwHi3/Ban0yAdxuXMvXilV3y7LHx9YoX7usOuYXMkY9gN85TFvgnI6vH cIfgFOFvSh1DsYtNvI1Ckq6OCSFJCz/KKWbM+IylnaPtph5Dsj608ZAIGlAUSw== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20221208 header.b=Pkv7ZmVb; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1683681025; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:list-id:list-help: list-unsubscribe:list-subscribe:list-post:dkim-signature; bh=ateTvMa5FVjUhneHfMXPWTJ+mEW1oJMct3wYvjdr1hE=; b=jDjLSRVtjq/T672VCL4nBSXfViyfIwZKCmpchO1O6o+qSJmsQyGzBCN+U57GmON5u+RNK9 p5MSBV75JIO542gvjOFmChyfTbdXgrogR2mFupZ2vq12O2DgJFTohLEDCV+68HD38b5fii yrkTzRWfhARDJ/yBMqjyn3Acs/K1Nm7sjeoGAP63b0zNHCVVmwqF7jfKyuhJJS1pnjEmSF ZyUeiUh1z0yrxanNjTFYYGccanHj10NnYyh9ZGeqjM5qMVUM7WrXexjf80i3Ewdpzf5088 mQJ9eK4bPCk+S7Gwwy8GQwh3bHB6VKDqum8DVUgu3vpU3Sl8YUIF/s0rdb5OqQ== X-Migadu-Scanner: scn1.migadu.com Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=gmail.com header.s=20221208 header.b=Pkv7ZmVb; dmarc=fail reason="SPF not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: 6.12 X-Spam-Score: 6.12 X-Migadu-Queue-Id: 8DD4A39923 X-TUID: 4ShJRPpQKVdg Hi, This change adds an option to monitor dynamic IP hosts used as endpoints in Wireguard peer configuration and restart the service when the IP captured by Wireguard has changed. We have a keep-alive option already but this doesn't completely prevent a connection from becoming stale, for example when the Wireguard *server* is hosted on a machine with a dynamic IP and the Wireguard *clients* are the ones initiating the connection to it. When the Wireguard server disappears (in my case my ISP resets my IP once per day, which breaks active connections), the keep-alives are interrupted and the clients are stuck with a stale IP. I've tested this with a duckdns.org dynamic host name that I use to reach my private machine from the Internet, and it seems to work. I'll report after a few days of usage. Maxim Cournoyer (1): services: wireguard: Implement a dynamic IP monitoring feature. Makefile.am | 1 + doc/guix.texi | 18 +++++- gnu/services/vpn.scm | 122 +++++++++++++++++++++++++++++++++++++++-- tests/services/vpn.scm | 80 +++++++++++++++++++++++++++ 4 files changed, 215 insertions(+), 6 deletions(-) create mode 100644 tests/services/vpn.scm base-commit: 7f89eee664c18d4d8214abf17cdad0e24096a5e7 -- 2.39.2