On Sat, Jan 02, 2021 at 03:37:09PM +0100, Jason A. Donenfeld wrote: > Hi, > > I was thinking recently that most people have switched from a model of > updating the runtime configuration and then reading that back into a > config file, to editing the config file and then syncing that with the > runtime config. In other words, people have moved from doing: > > # wg set wg0 peer ... allowed-ips ... > # wg-quick save wg0 > > To doing: > > # vim /etc/wireguard/wg0.conf > # wg syncconf wg0 <(wg-quick strip wg0) > > I think this is mostly a positive change too in terms of reliability. > Reading back the runtime configuration was always a bit hit or miss, > and I suspect that more times than not people have been confused by > SaveConfig=true. > > That raises the question: are there good uses left for SaveConfig=true > and `wg-quick save` that warrant keeping the feature around? > Temporarily caching a roamed endpoint IP, perhaps, but how helpful is > that? > > I haven't thought too deeply about this in order to be wedded to one > outcome over the other yet, but seeing some confusion today, again, in > #wireguard over the feature made me wonder. > > Any opinions on this? Any one on this list actively use this feature > and see replacements for it (e.g. syncconf) as clearly inferior? > > Jason
Hi Jason Being an old fashioned Unix admin, ~30 years spent in this job, I vote for the traditional way of doing it: change the config file and let the application reread it. I think the KISS principle is still valid ;-) Thanks for the excellent software, Jason! Regards, Chris
