From 3dbd7648d90f864e2829b44a7c6648e1d6e358c2 Mon Sep 17 00:00:00 2001
From: kaiyou <dev@kaiyou.fr>
Date: Sun, 5 Nov 2023 15:27:38 +0100
Subject: [PATCH] Fix the wireguard setup, add a /128 for every node instead of
 prefix

---
 wg/peer.go      | 4 +++-
 wg/wireguard.go | 9 +++++----
 2 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/wg/peer.go b/wg/peer.go
index 6750023..4f184c0 100644
--- a/wg/peer.go
+++ b/wg/peer.go
@@ -21,9 +21,11 @@ func (w *Wireguard) peerToWgConfig(p Peer) (wgtypes.PeerConfig, error) {
 		return wgtypes.PeerConfig{}, err
 	}
 	overlay := p.OverlayIP()
+	// Add the peer itself as a /128 directly, so that the peer overlay ip is both
+	// accepted and added to the route table
 	allowed := []net.IPNet{{
 		IP:   overlay.Addr().AsSlice(),
-		Mask: net.CIDRMask(overlay.Bits(), overlay.Addr().BitLen()),
+		Mask: net.CIDRMask(overlay.Addr().BitLen(), overlay.Addr().BitLen()),
 	}}
 	for _, route := range p.Routes() {
 		allowed = append(allowed, net.IPNet{
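Review bot: The host mask on the new line 25 is correct, but nothing guards the zero `netip.Prefix` case: if `p.OverlayIP()` can return an invalid prefix (not visible here), `overlay.Addr().AsSlice()` is nil and `BitLen()` is 0, so `net.CIDRMask(0, 0)` yields a nil mask and the first entry becomes `net.IPNet{IP: nil, Mask: nil}` instead of an error. Because AllowedIPs is also WireGuard's cryptokey-routing source filter, a degenerate entry like that is more likely to be interpreted downstream as a catch-all prefix than rejected, which would let that peer source any address. I would add a guard mirroring the existing error return on line 17, `if !overlay.IsValid() { return wgtypes.PeerConfig{}, fmt.Errorf("peer %s has no overlay address", p.Hostname()) }` (or `errors.New` if `fmt` is not imported). The new comment could also state the ACL role, e.g. `// AllowedIPs doubles as the cryptokey-routing source filter: only packets from this host address (or the routes below) are accepted from this peer.` peerToWgConfig starts before and continues past this hunk.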
diff --git a/wg/wireguard.go b/wg/wireguard.go
index 81697eb..460fae4 100644
--- a/wg/wireguard.go
+++ b/wg/wireguard.go
@@ -89,16 +89,17 @@ func (w *Wireguard) Update(peers []Peer, mtu int) error {
 	}
 	// Setup peers, add routes even before we configure keys, this is harmless
 	// and makes the code way simpler
-	peerConfigs := make([]wgtypes.PeerConfig, len(peers))
-	for i, peer := range peers {
+	peerConfigs := []wgtypes.PeerConfig{}
+	for _, peer := range peers {
 		config, err := w.peerToWgConfig(peer)
 		if err != nil {
 			w.logger.Info("invalid peer", "name", peer.Hostname())
 			continue
 		}
+		w.logger.Info("new peer", "config", config)
 		for _, route := range config.AllowedIPs {
 			var gw net.IP
-			w.logger.Info("new route", "dest", route.String())
+			w.logger.Info("adding route", "dest", route.String())
 			scope := netlink.SCOPE_LINK
 			// Convert back and forth net and netip, this is ugly but makes
 			// the code structure simpler
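Review bot: The new log line on line 46 writes the whole `wgtypes.PeerConfig` at Info level; that struct carries a `PresharedKey` field alongside `PublicKey` and `Endpoint`, so if peerToWgConfig ever populates a pre-shared key (its start is outside this hunk, so I cannot tell) the secret is written to the logs. Log only identifying fields instead, e.g. `w.logger.Info("new peer", "name", peer.Hostname(), "publicKey", config.PublicKey.String(), "allowedIPs", config.AllowedIPs)`. As a point of style, `peerConfigs := []wgtypes.PeerConfig{}` on line 39 could be `make([]wgtypes.PeerConfig, 0, len(peers))`, since the upper bound is known and the old fixed-size slice is exactly what left a zero-key entry behind for every peer skipped by `continue`. Update continues past this hunk.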
@@ -117,7 +118,7 @@ func (w *Wireguard) Update(peers []Peer, mtu int) error {
 				w.logger.Error(err, "could not add route", "route", route)
 			}
 		}
-		peerConfigs[i] = config
+		peerConfigs = append(peerConfigs, config)
 	}
 	// Finally update the device crypto and peer list
 	err = w.client.ConfigureDevice(w.iface, wgtypes.Config{
-- 
GitLab