diff --git a/examples/data-sources/wireguard_config_document/data-source.tf b/examples/data-sources/wireguard_config_document/data-source.tf
index abb564d..d75b138 100644
--- a/examples/data-sources/wireguard_config_document/data-source.tf
+++ b/examples/data-sources/wireguard_config_document/data-source.tf
@@ -10,6 +10,7 @@ data "wireguard_config_document" "peer1" {
 peer {
 public_key = wireguard_asymmetric_key.peer2.public_key
+ presharedkey = wireguard_preshared_key.peer2.key
 allowed_ips = [
 "0.0.0.0/0",
 ]
diff --git a/examples/data-sources/wireguard_config_document/versions.tf b/examples/data-sources/wireguard_config_document/versions.tf
index c001553..945b2be 100644
--- a/examples/data-sources/wireguard_config_document/versions.tf
+++ b/examples/data-sources/wireguard_config_document/versions.tf
@@ -9,3 +9,5 @@ terraform {
 resource "wireguard_asymmetric_key" "peer1" {}
 resource "wireguard_asymmetric_key" "peer2" {}
 resource "wireguard_asymmetric_key" "peer3" {}
+
+resource "wireguard_preshared_key" "peer2" {}
diff --git a/examples/resources/wireguard_preshared_key/resource.tf b/examples/resources/wireguard_preshared_key/resource.tf
new file mode 100644
index 0000000..969a9fa
--- /dev/null
+++ b/examples/resources/wireguard_preshared_key/resource.tf
@@ -0,0 +1,8 @@
+resource "wireguard_preshared_key" "example" {
+}
+
+output "wg_preshared_key" {
+ description = "Example's preshared WireGuard key"
+ value = wireguard_preshared_key.example.key
+ sensitive = true
+}
diff --git a/examples/resources/wireguard_preshared_key/versions.tf b/examples/resources/wireguard_preshared_key/versions.tf
new file mode 100644
index 0000000..0b8f58a
--- /dev/null
+++ b/examples/resources/wireguard_preshared_key/versions.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_providers {
+ wireguard = {
+ source = "OJFord/wireguard"
+ }
+ }
+}
diff --git a/go.mod b/go.mod
index 8227319..7f70afa 100644
--- a/go.mod
+++ b/go.mod
@@ -9,35 +9,24 @@ require (
 require (
 github.com/agext/levenshtein v1.2.3 // indirect
- github.com/apparentlymart/go-textseg/v13 v13.0.0 // indirect
 github.com/fatih/color v1.13.0 // indirect
- github.com/golang/protobuf v1.5.2 // indirect
 github.com/hashicorp/errwrap v1.1.0 // indirect
- github.com/hashicorp/go-cty v1.4.1-0.20200414143053-d3edf31b6320 // indirect
 github.com/hashicorp/go-hclog v1.0.0 // indirect
 github.com/hashicorp/go-multierror v1.1.1 // indirect
 github.com/hashicorp/go-plugin v1.4.3 // indirect
 github.com/hashicorp/go-uuid v1.0.2 // indirect
- github.com/hashicorp/go-version v1.3.0 // indirect
 github.com/hashicorp/hcl/v2 v2.10.1 // indirect
- github.com/hashicorp/terraform-plugin-go v0.4.0 // indirect
 github.com/hashicorp/yamux v0.0.0-20210826001029-26ff87cf9493 // indirect
 github.com/mattn/go-colorable v0.1.11 // indirect
- github.com/mattn/go-isatty v0.0.14 // indirect
- github.com/mitchellh/copystructure v1.2.0 // indirect
 github.com/mitchellh/go-testing-interface v1.14.1 // indirect
 github.com/mitchellh/go-wordwrap v1.0.1 // indirect
 github.com/mitchellh/mapstructure v1.4.2 // indirect
- github.com/mitchellh/reflectwalk v1.0.2 // indirect
 github.com/oklog/run v1.1.0 // indirect
- github.com/vmihailenco/msgpack v4.0.4+incompatible // indirect
 github.com/zclconf/go-cty v1.9.1 // indirect
- golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect
 golang.org/x/net v0.0.0-20211020060615-d418f374d309 // indirect
 golang.org/x/sys v0.0.0-20211020064051-0ec99a608a1b // indirect
 golang.org/x/text v0.3.7 // indirect
 google.golang.org/appengine v1.6.7 // indirect
 google.golang.org/genproto v0.0.0-20211019152133-63b7e35f4404 // indirect
 google.golang.org/grpc v1.41.0 // indirect
- google.golang.org/protobuf v1.27.1 // indirect
 )
diff --git a/provider/provider.go b/provider/provider.go
index 9496ffb..2176fbd 100644
--- a/provider/provider.go
+++ b/provider/provider.go
@@ -11,6 +11,7 @@ func Provider() *schema.Provider {
 },
 ResourcesMap: map[string]*schema.Resource{
 "wireguard_asymmetric_key": resourceWireguardAsymmetricKey(),
+ "wireguard_preshared_key": resourceWireguardPresharedKey(),
 },
 }
 }
diff --git a/provider/resource_wireguard_preshared_key.go b/provider/resource_wireguard_preshared_key.go
new file mode 100644
index 0000000..3639a6b
--- /dev/null
+++ b/provider/resource_wireguard_preshared_key.go
@@ -0,0 +1,51 @@
+package provider
+
+import (
+ "crypto/sha256"
+ "encoding/hex"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "golang.zx2c4.com/wireguard/wgctrl/wgtypes"
+)
+
+func resourceWireguardPresharedKey() *schema.Resource {
+ return &schema.Resource{
+ Description: "Provides a WireGuard key resource. This can be used to create, read, and delete WireGuard preshared keys in terraform state.",
+
+ Create: resourceWireguardPresharedKeyCreate,
+ Read: resourceWireguardPresharedKeyRead,
+ Delete: resourceWireguardPresharedKeyDelete,
+
+ Schema: map[string]*schema.Schema{
+ "key": {
+ Description: "Additional layer of symmetric-key cryptography to be mixed into the already existing public-key cryptography, for post-quantum resistance.",
+ Computed: true,
+ Sensitive: true,
+ Type: schema.TypeString,
+ },
+ },
+ }
+}
+
+func resourceWireguardPresharedKeyCreate(d *schema.ResourceData, m interface{}) error {
+ var key wgtypes.Key
+ var err error
+
+ key, err = wgtypes.GenerateKey()
+ err = d.Set("key", key.String())
+ if err != nil {
+ return err
+ }
+ hash := sha256.Sum256([]byte(key.String()))
+ d.SetId(hex.EncodeToString(hash[:]))
+
+ return nil
+}
+
+func resourceWireguardPresharedKeyRead(d *schema.ResourceData, m interface{}) error {
+ return nil
+}
+
+func resourceWireguardPresharedKeyDelete(d *schema.ResourceData, m interface{}) error {
+ d.SetId("")
+ return nil
+}
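Review bot: In resourceWireguardPresharedKeyCreate the error returned by `wgtypes.GenerateKey()` is overwritten by `err = d.Set("key", key.String())` on the very next line before anything inspects it, so a failed key generation goes unnoticed and whatever `key` holds at that point (presumably the zero value) is written to state and handed to peers as the preshared key. Check it before the Set call: `if err != nil { return err }` directly after `key, err = wgtypes.GenerateKey()`. As a documentation point, `Sensitive: true` on the `key` attribute only affects how the value is displayed; the key itself is still stored in Terraform state, and the schema Description would be a good place to say so, e.g. `// stored unencrypted in state; protect the state backend accordingly`.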