fix(server): register preloaded WireGuard clients as peers on server startup

2026-03-31 03:35:54 +00:00
parent c3f180e264
commit 20ef92599b
3 changed files with 30 additions and 1 deletions
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,12 @@
 # Changelog

+## 2026-03-31 - 1.16.4 - fix(server)
+register preloaded WireGuard clients as peers on server startup
+
+- Adds configured clients from the runtime registry to the WireGuard listener when the server starts.
+- Ensures clients loaded from config can complete WireGuard handshakes without requiring separate peer registration.
+- Logs a warning if automatic peer registration fails for an individual client.
+
 ## 2026-03-31 - 1.16.3 - fix(rust-nat)
 defer TCP bridge startup until handshake completion and buffer partial NAT socket writes

--- a/rust/src/server.rs
+++ b/rust/src/server.rs
@@ -372,6 +372,28 @@ impl VpnServer {
        }

        info!("VPN server started (transport: {})", transport_mode);
+
+        // Register pre-loaded clients (from config.clients) as WG peers.
+        // The WG listener only starts with config.wg_peers; clients loaded into the
+        // registry need to be dynamically added so WG handshakes work.
+        if self.wg_command_tx.is_some() {
+            let registry = state.client_registry.read().await;
+            for entry in registry.list() {
+                if let (Some(ref wg_key), Some(ref ip_str)) = (&entry.wg_public_key, &entry.assigned_ip) {
+                    let peer_config = crate::wireguard::WgPeerConfig {
+                        public_key: wg_key.clone(),
+                        preshared_key: None,
+                        allowed_ips: vec![format!("{}/32", ip_str)],
+                        endpoint: None,
+                        persistent_keepalive: Some(25),
+                    };
+                    if let Err(e) = self.add_wg_peer(peer_config).await {
+                        warn!("Failed to register pre-loaded WG peer for {}: {}", entry.client_id, e);
+                    }
+                }
+            }
+        }
+
        Ok(())
    }

--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@push.rocks/smartvpn',
-  version: '1.16.3',
+  version: '1.16.4',
  description: 'A VPN solution with TypeScript control plane and Rust data plane daemon'
 }