better support for running multiple separate brokers #85
This PR lays the foundation for cleanly supporting multiple broker replicas for an organization. The current problems are:
The solution we're going with is to concatenate multiple keys together into one mega key, and then use a new config field (`inbound.wireguard.brokerIndex` in config or `--broker-index` on the command line) to select which offset key and peer address to connect with. Benefit here is that it means a) minimal config changes and b) is backwards compatible with old brokers. Only thing we'll need to keep in mind is that folks will have to use our key generation commands -- `wg genkey`/`wg pubkey` won't work for multiple brokers.

Tl;dr:

- `genkey` command to generate multiple keys concatenated together (default 3)
- `pubkey` command to properly handle multiple private keys concatenated together

There are some companion changes that need to be done in the broker gateway, but as long as nobody is using the broker index setting yet, everything should work.