Merge pull request #4369 from natali-rs1985/T7166

dmbaturin · web-flow · commit 22af5b3e8a7c · 2025-02-27T16:10:03.000Z
wireguard: T7166: Call vxlan dependency if interface exist
diff --git a/data/config-mode-dependencies/vyos-1x.json b/data/config-mode-dependencies/vyos-1x.json
@@ -14,6 +14,9 @@
         "vxlan": ["interfaces_vxlan"],
         "wlan": ["interfaces_wireless"]
     },
+    "interfaces_wireguard": {
+        "vxlan": ["interfaces_vxlan"]
+    },
     "load_balancing_wan": {
         "conntrack": ["system_conntrack"]
     },
diff --git a/src/conf_mode/interfaces_wireguard.py b/src/conf_mode/interfaces_wireguard.py
@@ -19,6 +19,9 @@
 from vyos.config import Config
 from vyos.configdict import get_interface_dict
 from vyos.configdict import is_node_changed
+from vyos.configdict import is_source_interface
+from vyos.configdep import set_dependents
+from vyos.configdep import call_dependents
 from vyos.configverify import verify_vrf
 from vyos.configverify import verify_address
 from vyos.configverify import verify_bridge_delete
@@ -35,6 +38,7 @@
 from pathlib import Path
 airbag.enable()
 
+
 def get_config(config=None):
     """
     Retrive CLI config as dictionary. Dictionary can never be empty, as at least the
@@ -61,11 +65,25 @@ def get_config(config=None):
             if 'disable' not in peer_config and 'host_name' in peer_config:
                 wireguard['peers_need_resolve'].append(peer)
 
+    # Check if interface is used as source-interface on VXLAN interface
+    tmp = is_source_interface(conf, ifname, 'vxlan')
+    if tmp:
+        if 'deleted' not in wireguard:
+            set_dependents('vxlan', conf, tmp)
+        else:
+            wireguard['is_source_interface'] = tmp
+
     return wireguard
 
+
 def verify(wireguard):
     if 'deleted' in wireguard:
         verify_bridge_delete(wireguard)
+        if 'is_source_interface' in wireguard:
+            raise ConfigError(
+                f'Interface "{wireguard["ifname"]}" cannot be deleted as it is used '
+                f'as source interface for "{wireguard["is_source_interface"]}"!'
+            )
         return None
 
     verify_mtu_ipv6(wireguard)
@@ -119,9 +137,11 @@ def verify(wireguard):
 
             public_keys.append(peer['public_key'])
 
+
 def generate(wireguard):
     return None
 
+
 def apply(wireguard):
     check_kmod('wireguard')
 
@@ -157,8 +177,11 @@ def apply(wireguard):
             domain_action = 'stop'
     call(f'systemctl {domain_action} vyos-domain-resolver.service')
 
+    call_dependents()
+
     return None
 
+
 if __name__ == '__main__':
     try:
         c = get_config()
