From df1e195b5d3eca4ecc807ba20da7f953a3d14e0a Mon Sep 17 00:00:00 2001
From: Jacek Galowicz
Date: Thu, 14 Nov 2024 14:07:50 +0000
Subject: [PATCH] rp: set `allowed-ips` as routes

Prepare the rp app for a systemd unit file that sets up wireguard connections.
---
 rp/src/exchange.rs | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/rp/src/exchange.rs b/rp/src/exchange.rs
index 3ae16bf..e337e72 100644
--- a/rp/src/exchange.rs
+++ b/rp/src/exchange.rs
@@ -313,6 +313,29 @@ pub async fn exchange(options: ExchangeOptions) -> Result<()> {
 broker_peer,
 peer.endpoint.map(|x| x.to_string()),
 )?;
+
+ // Configure routes
+ if let Some(allowed_ips) = peer.allowed_ips {
+ Command::new("ip")
+ .arg("route")
+ .arg("replace")
+ .arg(allowed_ips.clone())
+ .arg("dev")
+ .arg(options.dev.clone().unwrap_or("rosenpass0".to_string()))
+ .status()
+ .expect("failed to configure route");
+ cleanup_handlers
+ .enqueue(Box::pin(async move {
+ Command::new("ip")
+ .arg("route")
+ .arg("del")
+ .arg(allowed_ips)
+ .status()
+ .expect("failed to remove ip");
+ Ok(())
+ }))
+ .await;
+ }
 }
 let out = srv.event_loop();
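Review bot: The exit status of `ip route replace` is never inspected: `.status().expect("failed to configure route")` only panics when the process cannot be spawned, so a non-zero exit from `ip` leaves the route unset while `exchange` carries on, and traffic for `allowed_ips` then follows whatever route already existed instead of the tunnel device. I would check `status.success()` and return an error through the function's `Result<()>` rather than panic, as sketched below (this assumes `Command` is `std::process::Command` and `Result` is `anyhow::Result`, neither of which is visible in the hunk). The cleanup `ip route del` names no device, so it removes whichever route matches the prefix, and a panic from its `expect` inside the cleanup future may keep later handlers from running; passing `dev` and returning the error keeps teardown scoped to this interface. The body of `exchange` starts and ends outside the hunk.

```rust
// … unchanged: `if let Some(allowed_ips) = peer.allowed_ips {` …
let dev = options
    .dev
    .clone()
    .unwrap_or_else(|| "rosenpass0".to_string());
let status = Command::new("ip")
    .arg("route")
    .arg("replace")
    .arg(&allowed_ips)
    .arg("dev")
    .arg(&dev)
    .status()?;
if !status.success() {
    // Fail closed: without this route, peer traffic would not enter the tunnel.
    anyhow::bail!("ip route replace exited with {status}");
}
cleanup_handlers
    .enqueue(Box::pin(async move {
        let status = Command::new("ip")
            .arg("route")
            .arg("del")
            .arg(allowed_ips)
            .arg("dev")
            .arg(dev)
            .status()?;
        if !status.success() {
            anyhow::bail!("ip route del exited with {status}");
        }
        Ok(())
    }))
    .await;
```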