From 6bd18c472a6512fc025eebbc75f37d2f6703d18d Mon Sep 17 00:00:00 2001 From: Alejandro Mery Date: Sat, 26 Aug 2023 16:37:41 +0000 Subject: [PATCH] WIP Signed-off-by: Alejandro Mery --- pkg/zones/machine.go | 18 ++++++++++ pkg/zones/machine_rings.go | 52 +++++++++++++++++++++++++++++ pkg/zones/sync.go | 4 +-- pkg/zones/zone_rings.go | 68 +++++++++++++++++++++++++++++++++++++- 4 files changed, 139 insertions(+), 3 deletions(-)
diff --git a/pkg/zones/machine.go b/pkg/zones/machine.go
index 0a49ad3..1dd64a2 100644
--- a/pkg/zones/machine.go
+++ b/pkg/zones/machine.go
@@ -43,6 +43,24 @@ func (m *Machine) IsGateway() bool {
 return ok
 }
+// SetGateway enables/disables a Machine ring0 integration
+func (m *Machine) SetGateway(enabled bool) error {
+ ri, found := m.getRingInfo(0)
+ switch {
+ case !found && !enabled:
+ return nil
+ case !found:
+ var err error
+
+ if ri, err = m.createRingInfo(0, false); err != nil {
+ return err
+ }
+ }
+
+ ri.Enabled = enabled
+ return m.SyncWireguardConfig(0)
+}
+
 // Zone indicates the [Zone] this machine belongs to
 func (m *Machine) Zone() int {
 return m.zone.ID
diff --git a/pkg/zones/machine_rings.go b/pkg/zones/machine_rings.go
index bd67099..4ca1911 100644
--- a/pkg/zones/machine_rings.go
+++ b/pkg/zones/machine_rings.go
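Review bot: In `SetGateway` (pkg/zones/machine.go), disabling an existing gateway only sets `ri.Enabled = false` and keeps the ring 0 entry and its key pair, while the hunk's context shows `IsGateway` ending in `return ok`; if that `ok` comes from `getRingInfo(0)`, which lies outside the hunk, `IsGateway` would still report true after `SetGateway(false)`. The flag is also changed before `SyncWireguardConfig(0)` runs, so a failed sync leaves the in-memory state and the files on disk disagreeing. I would either restore the previous value on error or state the behaviour in the doc comment, e.g. `// SetGateway flips the ring 0 Enabled flag and then rewrites the ring 0 files; on error the flag stays changed.`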
@@ -261,3 +261,55 @@ func (m *Machine) RemoveWireguardConfig(ring int) error {
 return err
 }
+
+// SyncWireguardConfig updates all wgN.conf files for the specified
+// ring
+func (m *Machine) SyncWireguardConfig(ring int) error {
+ return m.zone.SyncWireguardConfig(ring)
+}
+
+// WriteWireguardConfig ...
+func (m *Machine) WriteWireguardConfig(ring int) error {
+ r, err := NewRing(m.zone.zones, m.zone, ring)
+ if err != nil {
+ return err
+ }
+
+ return m.writeWireguardRingConfig(r)
+}
+
+func (m *Machine) writeWireguardRingConfig(r *Ring) error {
+ wg, err := r.ExportConfig(m)
+ if err != nil {
+ return nil
+ }
+
+ f, err := m.CreateTruncFile("wg%v.conf", r.ID)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+
+ _, err = wg.WriteTo(f)
+ return err
+}
+
+func (m *Machine) createRingInfo(ring int, enabled bool) (*RingInfo, error) {
+ keys, err := wireguard.NewKeyPair()
+ if err != nil {
+ return nil, err
+ }
+
+ ri := &RingInfo{
+ Ring: ring,
+ Enabled: enabled,
+ Keys: keys,
+ }
+
+ err = m.applyRingInfo(ring, ri)
+ if err != nil {
+ return nil, err
+ }
+
+ return ri, nil
+}
diff --git a/pkg/zones/sync.go b/pkg/zones/sync.go
index 76e3776..71b8951 100644
--- a/pkg/zones/sync.go
+++ b/pkg/zones/sync.go
@@ -18,12 +18,12 @@ func (m *Zones) SyncAllWireguard() error {
 var err error
 for ring := 0; ring < RingsCount; ring++ {
- err = m.PruneWireguardConfig(ring)
+ err = m.WriteWireguardKeys(ring)
 if err != nil {
 return err
 }
- err = m.WriteWireguardKeys(ring)
+ err = m.SyncWireguardConfig(ring)
 if err != nil {
 return err
 }
diff --git a/pkg/zones/zone_rings.go b/pkg/zones/zone_rings.go
index 25db1bc..4848347 100644
--- a/pkg/zones/zone_rings.go
+++ b/pkg/zones/zone_rings.go
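Review bot: In `writeWireguardRingConfig` (pkg/zones/machine_rings.go), the `ExportConfig` failure path returns `nil`, so a machine whose config could not be generated is reported as synced and any earlier wgN.conf stays on disk unchanged; it should be `return err`. The deferred `f.Close()` also drops the close error on a file that was just written. The file presumably carries the machine's WireGuard private key, and `CreateTruncFile` is not visible here, so it is worth confirming that it creates the file with owner-only permissions. `// WriteWireguardConfig ...` is still a placeholder doc comment.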
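Review bot: In `SyncAllWireguard` (pkg/zones/sync.go), the loop still runs `ring` up to `RingsCount`, but the `SyncWireguardConfig` methods added in zone_rings.go accept only rings 0 and 1 and return `fs.ErrInvalid` for anything else. If `RingsCount`, which is defined outside this patch, is ever larger than 2, the loop aborts at ring 2 after `WriteWireguardKeys` has already run for it. A comment at the loop such as `// SyncWireguardConfig handles rings 0 and 1 only; keep in step with RingsCount` would make the coupling explicit. The function body continues past the end of the hunk.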
@@ -1,6 +1,33 @@
 package zones
-import "os"
+import (
+ "io/fs"
+ "os"
+)
+
+var (
+ _ machineRinger = (*Zone)(nil)
+ _ machineRinger = (*Zones)(nil)
+)
+
+type machineRinger interface {
+ MachineIterator
+
+ PruneWireguardConfig(ring int) error
+}
+
+// SyncWireguardConfig updates all wgN.conf files for the specified
+// ring
+func (z *Zone) SyncWireguardConfig(ring int) error {
+ switch ring {
+ case 0:
+ return syncWireguardConfig(z.zones, z.zones, ring)
+ case 1:
+ return syncWireguardConfig(z.zones, z, ring)
+ default:
+ return fs.ErrInvalid
+ }
+}
 // PruneWireguardConfig removes wgN.conf files of machines with
 // the corresponding ring disabled.
@@ -13,6 +40,24 @@ func (z *Zone) WriteWireguardKeys(ring int) error {
 return writeWireguardKeys(z, ring)
 }
+// SyncWireguardConfig updates all wgN.conf files for the specified
+// ring
+func (m *Zones) SyncWireguardConfig(ring int) error {
+ switch ring {
+ case 0:
+ return syncWireguardConfig(m, m, ring)
+ case 1:
+ var err error
+ m.ForEachZone(func(z *Zone) bool {
+ err = syncWireguardConfig(m, z, ring)
+ return err != nil
+ })
+ return err
+ default:
+ return fs.ErrInvalid
+ }
+}
+
 // PruneWireguardConfig removes wgN.conf files of machines with
 // the corresponding ring disabled on all zones
 func (m *Zones) PruneWireguardConfig(ring int) error {
@@ -24,6 +69,27 @@ func (m *Zones) WriteWireguardKeys(ring int) error {
 return writeWireguardKeys(m, ring)
 }
+func syncWireguardConfig(z ZoneIterator, m machineRinger, ring int) error {
+ err := m.PruneWireguardConfig(ring)
+ if err != nil {
+ return err
+ }
+
+ r, err := NewRing(z, m, ring)
+ if err != nil {
+ return err
+ }
+
+ m.ForEachMachine(func(p *Machine) bool {
+ if _, ok := p.getRingInfo(ring); ok {
+ err = p.writeWireguardRingConfig(r)
+ }
+ return err != nil
+ })
+
+ return err
+}
+
 func pruneWireguardConfig(m MachineIterator, ring int) error {
 var err error
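Review bot: In `(*Zone).SyncWireguardConfig` (first hunk of pkg/zones/zone_rings.go), the ring 0 case passes `z.zones` as both arguments, so calling it on one Zone prunes and rewrites wg0.conf for the machines of every zone, which the doc comment "updates all wgN.conf files for the specified ring" does not make clear. I would extend the comment, e.g. `// Ring 0 is synced through z.zones and so touches every zone; ring 1 is limited to this zone.` The `default` branch here and in `(*Zones).SyncWireguardConfig` (second hunk) returns a bare `fs.ErrInvalid`; wrapping it as `fmt.Errorf("ring %d: %w", ring, fs.ErrInvalid)`, with `fmt` added to the import block in this hunk, would tell the caller which ring was rejected.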
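Review bot: In `syncWireguardConfig` (third hunk of pkg/zones/zone_rings.go), the `ForEachMachine` callback writes a config for every machine that has ring info and never looks at `Enabled`, although `PruneWireguardConfig` has just removed the files of machines with the ring disabled. `SetGateway(false)` in machine.go keeps the ring info with `Enabled` false, so as far as these lines show its wg0.conf is deleted and then written again, leaving a disabled machine with a usable tunnel config. The guard should read `if ri, ok := p.getRingInfo(ring); ok && ri.Enabled {`. Whether `NewRing` and `ExportConfig`, which are not visible here, already leave disabled machines out of the peer list should be checked as well.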