wg-apply
is a command-line tool designed to reload the config file of wg-quick (located under /etc/wireguard
) seamlessly. Unlike shutting down the entire interface, wg-apply makes changes as needed, without resetting the status of the WireGuard interface or causing any interruption to non-affected peers.
While wg-apply currently only supports the config file of wg-quick, a systemd-networkd compatible implementation is planned and coming soon.
There are two ways to use wg-apply
:
You can simply use wg-apply wg0
as a replacement for wg-quick up wg0
.
Please note that wg-apply does not intend to support the following options found in the wg-quick configure file: DNS=
, PreUp=
, PostUp=
, PreDown=
, PostDown=
, and SaveConfig=
. If you need these feature, I'd recommand you still use wg-quick up wg0
to bring up the interface.
wg-apply
can be configured as ExecReload=
for wg-quick@.service
:
-
Execute the following command to create an override file for the
wg-quick@.service
:systemctl edit wg-quick@.service
-
Add the following lines to the file, between the hint comments:
[Service] ExecReload= ExecReload=/usr/local/bin/wg-apply %i
-
Save and close the file.
-
Finally, execute the following command to reload the wg-quick configuration file for the specified WireGuard interface (in this case,
wg0
):systemctl reload wg-quick@wg0.service