From 20ef92599b16077caa70530bc2165d41ca85cebb Mon Sep 17 00:00:00 2001 From: Juergen Kunz Date: Tue, 31 Mar 2026 03:35:54 +0000 Subject: [PATCH] fix(server): register preloaded WireGuard clients as peers on server startup --- changelog.md | 7 +++++++ rust/src/server.rs | 22 ++++++++++++++++++++++ ts/00_commitinfo_data.ts | 2 +- 3 files changed, 30 insertions(+), 1 deletion(-) diff --git a/changelog.md b/changelog.md index 84abfe2..a1e6d65 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,12 @@ # Changelog +## 2026-03-31 - 1.16.4 - fix(server) +register preloaded WireGuard clients as peers on server startup + +- Adds configured clients from the runtime registry to the WireGuard listener when the server starts. +- Ensures clients loaded from config can complete WireGuard handshakes without requiring separate peer registration. +- Logs a warning if automatic peer registration fails for an individual client. + ## 2026-03-31 - 1.16.3 - fix(rust-nat) defer TCP bridge startup until handshake completion and buffer partial NAT socket writes diff --git a/rust/src/server.rs b/rust/src/server.rs index 1d6e5a3..76f5ae6 100644 --- a/rust/src/server.rs +++ b/rust/src/server.rs 
@@ -372,6 +372,28 @@ impl VpnServer { } info!("VPN server started (transport: {})", transport_mode); + + // Register pre-loaded clients (from config.clients) as WG peers. + // The WG listener only starts with config.wg_peers; clients loaded into the + // registry need to be dynamically added so WG handshakes work. + if self.wg_command_tx.is_some() { + let registry = state.client_registry.read().await; + for entry in registry.list() { + if let (Some(ref wg_key), Some(ref ip_str)) = (&entry.wg_public_key, &entry.assigned_ip) { + let peer_config = crate::wireguard::WgPeerConfig { + public_key: wg_key.clone(), + preshared_key: None, + allowed_ips: vec![format!("{}/32", ip_str)], + endpoint: None, + persistent_keepalive: Some(25), + }; + if let Err(e) = self.add_wg_peer(peer_config).await { + warn!("Failed to register pre-loaded WG peer for {}: {}", entry.client_id, e); + } + } + } + } + Ok(()) } diff --git a/ts/00_commitinfo_data.ts b/ts/00_commitinfo_data.ts index afe8452..17b6713 100644 --- a/ts/00_commitinfo_data.ts +++ b/ts/00_commitinfo_data.ts @@ -3,6 +3,6 @@ */ export const commitinfo = { name: '@push.rocks/smartvpn', - version: '1.16.3', + version: '1.16.4', description: 'A VPN solution with TypeScript control plane and Rust data plane daemon' }
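Review bot: The guard from `state.client_registry.read().await` stays alive across every `self.add_wg_peer(peer_config).await` in the loop, so startup holds the registry lock for the whole registration pass and would stall if `add_wg_peer` (not visible here) ever takes that registry's write lock. The `allowed_ips` entry also hard-codes `/32` on an unvalidated string; since allowed_ips bounds the source addresses a peer may use, an IPv6 `assigned_ip` would be granted a far wider range than its own address. The fence below builds the peer list in a short scope, derives the prefix from the parsed address family, and registers the peers after the guard is dropped; it assumes `assigned_ip` is a string and `client_id` is cloneable. It is also worth confirming that `registry.list()` excludes disabled or expired clients, which this hunk does not show, since every listed entry becomes a peer that can handshake. The enclosing function starts before the hunk.

```rust
if self.wg_command_tx.is_some() {
    // Build the peer list under the read guard and release it before any add_wg_peer().await.
    let mut preloaded = Vec::new();
    {
        let registry = state.client_registry.read().await;
        for entry in registry.list() {
            if let (Some(wg_key), Some(ip_str)) = (&entry.wg_public_key, &entry.assigned_ip) {
                // Host prefix follows the address family instead of assuming IPv4.
                let prefix = match ip_str.parse::<std::net::IpAddr>() {
                    Ok(std::net::IpAddr::V4(_)) => 32,
                    Ok(std::net::IpAddr::V6(_)) => 128,
                    Err(e) => {
                        warn!("Skipping pre-loaded WG peer for {}: invalid assigned_ip: {}", entry.client_id, e);
                        continue;
                    }
                };
                preloaded.push((
                    entry.client_id.clone(),
                    crate::wireguard::WgPeerConfig {
                        // … unchanged: public_key, preshared_key, endpoint, persistent_keepalive …
                        allowed_ips: vec![format!("{}/{}", ip_str, prefix)],
                    },
                ));
            }
        }
    }
    for (client_id, peer_config) in preloaded {
        if let Err(e) = self.add_wg_peer(peer_config).await {
            warn!("Failed to register pre-loaded WG peer for {}: {}", client_id, e);
        }
    }
}
```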