Merge pull request #42 from isemichastnov/pass-client-peer-persistent…

…-keepalive add option to pass client.PersistentKeepalive to peer config
bryopsida · Feb 9, 2024 · 25e4c7e · 25e4c7e
2 parents c561033 + d9c39f5
commit 25e4c7e
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 5 deletions.
diff --git a/helm/wireguard/Chart.yaml b/helm/wireguard/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: wireguard
 description: A Helm chart for managing a wireguard vpn in kubernetes
 type: application
-version: 0.18.0
+version: 0.19.0
 appVersion: "0.0.0"
 maintainers:
   - name: bryopsida
diff --git a/helm/wireguard/README.md b/helm/wireguard/README.md
@@ -1,6 +1,6 @@
 # wireguard
 
-![Version: 0.18.0](https://img.shields.io/badge/Version-0.18.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.0](https://img.shields.io/badge/AppVersion-0.0.0-informational?style=flat-square)
+![Version: 0.19.0](https://img.shields.io/badge/Version-0.19.0-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 0.0.0](https://img.shields.io/badge/AppVersion-0.0.0-informational?style=flat-square)
 
 A Helm chart for managing a wireguard vpn in kubernetes
 
@@ -106,10 +106,10 @@ A Helm chart for managing a wireguard vpn in kubernetes
 | useHostPort | bool | `false` | Expose VPN service on hostPort |
 | volumeMounts | object | `{}` | Passthrough pod volume mounts |
 | volumes | object | `{}` | Passthrough pod volumes |
-| wireguard.clients | list | `[]` | A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags), stored in secret |
+| wireguard.clients | list | `[]` | A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags) and PersistentKeepalive (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence), stored in secret |
 | wireguard.natAddSourceNet | bool | `true` | Add the serverCidr to the nat source net option |
 | wireguard.serverAddress | string | `"10.34.0.1/24"` | Address of the VPN server |
 | wireguard.serverCidr | string | `"10.34.0.0/24"` | Subnet for your VPN, take care not to clash with cluster POD cidr |
 
 ----------------------------------------------
-Autogenerated from chart metadata using [helm-docs v1.11.3](https://github.com/norwoodj/helm-docs/releases/v1.11.3)
+Autogenerated from chart metadata using [helm-docs v1.12.0](https://github.com/norwoodj/helm-docs/releases/v1.12.0)
diff --git a/helm/wireguard/templates/config.yaml b/helm/wireguard/templates/config.yaml
@@ -20,6 +20,9 @@ AllowedIPs = {{ .AllowedIPs }}
 {{- if .PresharedKey }}
 PresharedKey = {{ .PresharedKey }}
 {{- end }}
+{{- if .PersistentKeepalive }}
+PersistentKeepalive = {{ .PersistentKeepalive }}
+{{- end }}
 
 {{- end }}
 # End Clients

diff --git a/helm/wireguard/values.yaml b/helm/wireguard/values.yaml
@@ -41,14 +41,16 @@ wireguard:
   serverCidr: 10.34.0.0/24
   # -- Add the serverCidr to the nat source net option
   natAddSourceNet: true
-  # -- A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags), stored in secret
+  # -- A collection of clients that will be added to wg0.conf, accepts objects with keys PublicKey and AllowedIPs (mandatory) and optional FriendlyName or FriendlyJson (https://github.com/MindFlavor/prometheus_wireguard_exporter#friendly-tags) and PersistentKeepalive (https://www.wireguard.com/quickstart/#nat-and-firewall-traversal-persistence), stored in secret
   clients: []
     # - FriendlyName: username1
     #   ## FriendlyJson will override FriendlyName
     #   # FriendlyJson:
     #   #   username: "username1"
     #   AllowedIPs: 10.34.0.101/32
     #   PublicKey: QTxoajwVHWZ7qqVwY2F9T1L04M0j5GSNC15++LZw1iA=
+    #   # Normally PersistentKeepalive is not required
+    #   #PersistentKeepalive: 25
 securityContext:
   runAsNonRoot: true
   runAsUser: 1000