cli: set MTU in wg-quick conf

2025-01-11 23:49:30 -05:00 · 2022-03-31 16:40:59 +02:00 · 2022-03-31 16:40:59 +02:00 · c0105a59aa
commit c0105a59aa
parent 935b2a4490
5 changed files with 20 additions and 12 deletions
--- a/cli/cmd/constants.go
+++ b/cli/cmd/constants.go
@ -1,13 +1,17 @@
 package cmd
-// wireguardKeyLength is the length of a WireGuard key in byte.
+const (
-const wireguardKeyLength = 32
+	// wireguardAdminMTU is the MTU designated for the admin's WireGuard interface.
 	//
 	// WireGuard doesn't support Path MTU Discovery. Thus, its default MTU can be too high on some networks.
 	wireguardAdminMTU = 1300
 	// masterSecretLengthDefault is the default length in bytes for CLI generated master secrets.
-const masterSecretLengthDefault = 32
+	masterSecretLengthDefault = 32
 	// masterSecretLengthMin is the minimal length in bytes for user provided master secrets.
-const masterSecretLengthMin = 16
+	masterSecretLengthMin = 16
 	// constellationNameLength is the maximum length of a Constellation's name.
-const constellationNameLength = 37
+	constellationNameLength = 37
 )
--- a/cli/cmd/init.go
+++ b/cli/cmd/init.go
@ -217,7 +217,7 @@ func (r activationResult) writeWGQuickFile(fileHandler file.Handler, config *con
 	if err != nil {
 		return fmt.Errorf("create wg config: %w", err)
 	}
-	data, err := vpn.NewWGQuickConfig(wgConf, r.clientVpnIP)
+	data, err := vpn.NewWGQuickConfig(wgConf, r.clientVpnIP, wireguardAdminMTU)
 	if err != nil {
 		return fmt.Errorf("create wg-quick config: %w", err)
 	}
--- a/cli/cmd/init_test.go
+++ b/cli/cmd/init_test.go
@ -5,6 +5,7 @@ import (
 	"context"
 	"encoding/base64"
 	"errors"
 	"fmt"
 	"strconv"
 	"strings"
 	"testing"
@ -728,7 +729,7 @@ func TestWriteWGQuickFile(t *testing.T) {
 				assert.NoError(err)
 				file, err := tc.fileHandler.Read(*tc.config.WGQuickConfigPath)
 				assert.NoError(err)
-				assert.NotEmpty(file)
+				assert.Contains(string(file), fmt.Sprint("MTU = ", wireguardAdminMTU))
 			}
 		})
 	}
--- a/cli/vpn/vpn.go
+++ b/cli/vpn/vpn.go
@ -148,7 +148,7 @@ func NewConfig(coordinatorPubKey, coordinatorPubIP, clientPrivKey string) (wgtyp
 }
 // NewWGQuickConfig create a new WireGuard wg-quick configuration file and mashals it to bytes.
-func NewWGQuickConfig(config wgtypes.Config, clientVPNIP string) ([]byte, error) {
+func NewWGQuickConfig(config wgtypes.Config, clientVPNIP string, mtu int) ([]byte, error) {
 	clientIP := net.ParseIP(clientVPNIP)
 	if clientIP == nil {
 		return nil, fmt.Errorf("invalid client vpn ip '%s'", clientVPNIP)
@ -156,6 +156,7 @@ func NewWGQuickConfig(config wgtypes.Config, clientVPNIP string) ([]byte, error)
 	quickfile := wgquick.Config{
 		Config:  config,
 		Address: []net.IPNet{{IP: clientIP, Mask: []byte{255, 255, 0, 0}}},
 		MTU:     mtu,
 	}
 	data, err := quickfile.MarshalText()
 	if err != nil {
--- a/cli/vpn/vpn_test.go
+++ b/cli/vpn/vpn_test.go
@ -192,7 +192,8 @@ func TestNewWGQuickConfig(t *testing.T) {
 		t.Run(name, func(t *testing.T) {
 			assert := assert.New(t)
-			quickFile, err := NewWGQuickConfig(tc.config, tc.clientVPNIP)
+			const mtu = 2
 			quickFile, err := NewWGQuickConfig(tc.config, tc.clientVPNIP, mtu)
 			if tc.wantErr {
 				assert.Error(err)
@ -202,6 +203,7 @@ func TestNewWGQuickConfig(t *testing.T) {
 				assert.NoError(quickConfig.UnmarshalText(quickFile))
 				assert.Equal(tc.config.PrivateKey, quickConfig.PrivateKey)
 				assert.Equal(tc.clientVPNIP, quickConfig.Address[0].IP.String())
 				assert.Equal(mtu, quickConfig.MTU)
 			}
 		})
 	}