We are able to add a peer to an interface with a public key

go.mod

@@ -5,6 +5,7 @@ go 1.22.0
 require (
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/josharian/native v1.1.0 // indirect
+	github.com/mattn/go-sqlite3 v1.14.22 // indirect
 	github.com/mdlayher/genetlink v1.3.2 // indirect
 	github.com/mdlayher/netlink v1.7.2 // indirect
 	github.com/mdlayher/socket v0.4.1 // indirect

go.sum

@@ -2,6 +2,8 @@ github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/josharian/native v1.1.0 h1:uuaP0hAbW7Y4l0ZRQ6C9zfb7Mg1mbFKry/xzDAfmtLA=
 github.com/josharian/native v1.1.0/go.mod h1:7X/raswPFr05uY3HiLlYeyQntB6OO7E/d2Cu7qoaN2w=
+github.com/mattn/go-sqlite3 v1.14.22 h1:2gZY6PC6kBnID23Tichd1K+Z0oS6nE/XwU+Vz/5o4kU=
+github.com/mattn/go-sqlite3 v1.14.22/go.mod h1:Uh1q+B4BYcTPb+yiD3kU8Ct7aC0hY9fxUwlHK0RXw+Y=
 github.com/mdlayher/genetlink v1.3.2 h1:KdrNKe+CTu+IbZnm/GVUMXSqBBLqcGpRDa0xkQy56gw=
 github.com/mdlayher/genetlink v1.3.2/go.mod h1:tcC3pkCrPUGIKKsCsp0B3AdaaKuHtaxoJRz3cc+528o=
 github.com/mdlayher/netlink v1.7.2 h1:/UtM3ofJap7Vl4QWCPDGXY8d3GIY2UGSDbK+QWmY8/g=

test/privatekey

@@ -0,0 +1 @@
+UPpCWGVjNAG4cBQ4cMmiNohcjERmG5Q9XICkdlrGC14=

test/publickey

@@ -0,0 +1 @@
+ZmxAOHG+2uLJUooUu8IM6ElTmE4EWjP3eSa0RQqImU8=

wgenroll.go

@@ -1,34 +1,49 @@
 package main
 
 import (
+	"errors"
+	"fmt"
 	"log"
 	"net"
 
 	"golang.zx2c4.com/wireguard/wgctrl"
-	"golang.zx2c4.com/wireguard/wgtypes"
+	"golang.zx2c4.com/wireguard/wgctrl/wgtypes"
 )
 
 // TODO: replace this with a config value
 const deviceName = "wg0"
+const allowedNetworkCIDR = "172.16.0.1/20"
 
 func main() {
 	client, err := wgctrl.New()
 	defer client.Close()
 
 	if err != nil {
-		log.Fatalf("Unable to create wireguard client. Is wireguard installed? %v", err)
+		log.Fatalf("Unable to create wireguard client. Is wireguard installed? %v\n", err)
+	}
+
+	_, err = client.Device(deviceName)
+
+	if err != nil {
+		log.Fatalf("Unable to connect to wireguard device %s. %v\n", deviceName, err)
 	}
 
 	log.Println(client.Devices())
-
+	err = addPeer(client, deviceName, "ZmxAOHG+2uLJUooUu8IM6ElTmE4EWjP3eSa0RQqImU8=")
+	log.Println(err)
 }
 
-func addPeer(client *wgctrl.Client, deviceName string, key wgtypes.Key) error {
+func addPeer(client *wgctrl.Client, deviceName string, key string) error {
-	// TODO: load from config
+	_, allowedNetwork, _ := net.ParseCIDR(allowedNetworkCIDR)
-	_, allowedNetwork, _ := net.ParseCIDR("172.16.0.1/20")
+	allowedIps := []net.IPNet{*allowedNetwork}
-	allowedIps := []net.IPNet{allowedNetwork}
+	publicKey, err := wgtypes.ParseKey(key)
-	peer := wgtypes.PeerConfig{Key: key, AllowedIPs: allowedIps}
 
-	config := wgtypes.Config{Peers: []PeerConfig{peer}, ReplacePeers: false}
+	if err != nil {
-	return client.ConfigureDevice(name, config)
+		return errors.New(fmt.Sprintf("Unable to parse client key %v", err))
+	}
+
+	peer := wgtypes.PeerConfig{PublicKey: publicKey, AllowedIPs: allowedIps}
+
+	config := wgtypes.Config{Peers: []wgtypes.PeerConfig{peer}, ReplacePeers: false}
+	return client.ConfigureDevice(deviceName, config)
 }