12 #include <esp_wireguard.h> 13 #include <esp_wireguard_err.h> 18 static const char *
const TAG =
"wireguard";
24 #define LOGMSG_PEER_STATUS "WireGuard remote peer is %s (latest handshake %s)" 26 static const char *
const LOGMSG_ONLINE =
"online";
27 static const char *
const LOGMSG_OFFLINE =
"offline";
30 ESP_LOGD(TAG,
"initializing WireGuard...");
41 this->
wg_config_.preshared_key = this->preshared_key_.c_str();
48 ESP_LOGI(TAG,
"WireGuard initialized");
53 #ifdef USE_TEXT_SENSOR 59 ESP_LOGE(TAG,
"cannot initialize WireGuard, error code %d", this->
wg_initialized_);
70 ESP_LOGV(TAG,
"local network connection has been lost, stopping WireGuard...");
80 ESP_LOGV(TAG,
"enabled=%d, connected=%d, peer_up=%d, handshake: current=%.0f latest=%.0f updated=%d",
85 this->latest_saved_handshake_ = lhs;
88 std::string latest_handshake =
89 (this->latest_saved_handshake_ > 0)
91 :
"timestamp not available";
95 ESP_LOGI(TAG, LOGMSG_PEER_STATUS, LOGMSG_ONLINE, latest_handshake.c_str());
98 ESP_LOGD(TAG, LOGMSG_PEER_STATUS, LOGMSG_ONLINE, latest_handshake.c_str());
102 ESP_LOGW(TAG, LOGMSG_PEER_STATUS, LOGMSG_OFFLINE, latest_handshake.c_str());
104 }
else if (this->enabled_) {
105 ESP_LOGD(TAG, LOGMSG_PEER_STATUS, LOGMSG_OFFLINE, latest_handshake.c_str());
112 ESP_LOGE(TAG,
"WireGuard remote peer is unreachable, rebooting...");
118 #ifdef USE_BINARY_SENSOR 132 ESP_LOGCONFIG(TAG,
"WireGuard:");
133 ESP_LOGCONFIG(TAG,
" Address: %s", this->
address_.c_str());
134 ESP_LOGCONFIG(TAG,
" Netmask: %s", this->
netmask_.c_str());
136 ESP_LOGCONFIG(TAG,
" Peer Endpoint: " LOG_SECRET(
"%s"), this->
peer_endpoint_.c_str());
137 ESP_LOGCONFIG(TAG,
" Peer Port: " LOG_SECRET(
"%d"), this->
peer_port_);
138 ESP_LOGCONFIG(TAG,
" Peer Public Key: " LOG_SECRET(
"%s"), this->
peer_public_key_.c_str());
139 ESP_LOGCONFIG(TAG,
" Peer Pre-shared Key: " LOG_SECRET(
"%s"),
141 ESP_LOGCONFIG(TAG,
" Peer Allowed IPs:");
143 ESP_LOGCONFIG(TAG,
" - %s/%s", std::get<0>(allowed_ip).c_str(), std::get<1>(allowed_ip).c_str());
145 ESP_LOGCONFIG(TAG,
" Peer Persistent Keepalive: %d%s", this->
keepalive_,
146 (this->
keepalive_ > 0 ?
"s" :
" (DISABLED)"));
147 ESP_LOGCONFIG(TAG,
" Reboot Timeout: %" PRIu32
"%s", (this->
reboot_timeout_ / 1000),
150 ESP_LOGCONFIG(TAG,
" Require Connection to Proceed: %s", (this->
proceed_allowed_ ?
"NO" :
"YES"));
151 LOG_UPDATE_INTERVAL(
this);
160 (esp_wireguardif_peer_is_up(&(this->
wg_ctx_)) == ESP_OK);
165 if (esp_wireguard_latest_handshake(&(this->
wg_ctx_), &result) != ESP_OK) {
187 #ifdef USE_BINARY_SENSOR 196 #ifdef USE_TEXT_SENSOR 204 ESP_LOGI(TAG,
"WireGuard enabled");
211 ESP_LOGI(TAG,
"WireGuard disabled");
216 #ifdef USE_BINARY_SENSOR 227 ESP_LOGV(TAG,
"WireGuard is disabled, cannot start connection");
232 ESP_LOGE(TAG,
"cannot start WireGuard, initialization in error with code %d", this->
wg_initialized_);
237 ESP_LOGD(TAG,
"WireGuard is waiting for local network connection to be available");
242 ESP_LOGD(TAG,
"WireGuard is waiting for system time to be synchronized");
247 ESP_LOGV(TAG,
"WireGuard connection already started");
251 ESP_LOGD(TAG,
"starting WireGuard connection...");
255 ESP_LOGI(TAG,
"WireGuard connection started");
257 ESP_LOGD(TAG,
"WireGuard is waiting for endpoint IP address to be available");
260 ESP_LOGW(TAG,
"cannot start WireGuard connection, error code %d", this->
wg_connected_);
264 ESP_LOGD(TAG,
"configuring WireGuard allowed IPs list...");
265 bool allowed_ips_ok =
true;
266 for (std::tuple<std::string, std::string> ip : this->
allowed_ips_) {
268 (esp_wireguard_add_allowed_ip(&(this->
wg_ctx_), std::get<0>(ip).c_str(), std::get<1>(ip).c_str()) == ESP_OK);
271 if (allowed_ips_ok) {
272 ESP_LOGD(TAG,
"allowed IPs list configured correctly");
274 ESP_LOGE(TAG,
"cannot configure WireGuard allowed IPs list, aborting...");
282 ESP_LOGD(TAG,
"stopping WireGuard connection...");
283 esp_wireguard_disconnect(&(this->
wg_ctx_));
288 std::string
mask_key(
const std::string &key) {
return (key.substr(0, 5) +
"[...]="); }
void set_status_sensor(binary_sensor::BinarySensor *sensor)
ESPTime now()
Get the time in the currently defined timezone.
std::string preshared_key_
wireguard_config_t wg_config_
binary_sensor::BinarySensor * status_sensor_
void set_preshared_key(const std::string &key)
uint32_t wg_peer_offline_time_
The last time the remote peer become offline.
text_sensor::TextSensor * address_sensor_
size_t strftime(char *buffer, size_t buffer_len, const char *format)
Convert this ESPTime struct to a null-terminated c string buffer as specified by the format argument...
sensor::Sensor * handshake_sensor_
The RealTimeClock class exposes common timekeeping functions via the device's local real-time clock...
time::RealTimeClock * srctime_
bool proceed_allowed_
Set to false to block the setup step until peer is connected.
void defer(const std::string &name, std::function< void()> &&f)
Defer a callback to the next loop() call.
void add_on_time_sync_callback(std::function< void()> callback)
void disable_auto_proceed()
Block the setup step until peer is connected.
void set_address(const std::string &address)
void set_keepalive(uint16_t seconds)
std::string mask_key(const std::string &key)
Strip most part of the key only for secure printing.
void enable()
Enable the WireGuard component.
void publish_state(const std::string &state)
bool is_connected()
Return whether the node is connected to the network (through wifi, eth, ...)
void set_address_sensor(text_sensor::TextSensor *sensor)
uint32_t IRAM_ATTR HOT millis()
time_t latest_saved_handshake_
The latest saved handshake.
void set_private_key(const std::string &key)
esp_err_t wg_initialized_
bool enabled_
When false the wireguard link will not be established.
void set_srctime(time::RealTimeClock *srctime)
static ESPTime from_epoch_local(time_t epoch)
Convert an UTC epoch timestamp to a local time ESPTime instance.
void on_shutdown() override
std::string peer_endpoint_
void publish_state(float state)
Publish a new state to the front-end.
void add_allowed_ip(const std::string &ip, const std::string &netmask)
void set_reboot_timeout(uint32_t seconds)
Application App
Global storage of Application pointer - only one Application can exist.
void set_netmask(const std::string &netmask)
void publish_state(bool state)
Publish a new state to the front-end.
bool is_valid() const
Check if this ESPTime is valid (all fields in range and year is greater than 2018) ...
binary_sensor::BinarySensor * enabled_sensor_
void disable()
Stop any running connection and disable the WireGuard component.
void publish_enabled_state()
Publish the enabled state if the enabled binary sensor is configured.
void set_peer_endpoint(const std::string &endpoint)
virtual void mark_failed()
Mark this component as failed.
bool can_proceed() override
time_t get_latest_handshake() const
This is a workaround until we can figure out a way to get the tflite-micro idf component code availab...
Base class for all binary_sensor-type classes.
std::string peer_public_key_
bool is_enabled()
Return if the WireGuard component is or is not enabled.
void set_handshake_sensor(sensor::Sensor *sensor)
Base-class for all sensors.
void dump_config() override
void set_peer_public_key(const std::string &key)
void set_enabled_sensor(binary_sensor::BinarySensor *sensor)
void set_peer_port(uint16_t port)
std::vector< std::tuple< std::string, std::string > > allowed_ips_
