diff --git a/migrations/20240124063948_adjust_peer_disconnect.down.sql b/migrations/20240124063948_adjust_peer_disconnect.down.sql new file mode 100644 index 000000000..2730304b4 --- /dev/null +++ b/migrations/20240124063948_adjust_peer_disconnect.down.sql @@ -0,0 +1 @@ +ALTER TABLE wireguard_network ALTER COLUMN peer_disconnect_threshold SET DEFAULT 75; diff --git a/migrations/20240124063948_adjust_peer_disconnect.up.sql b/migrations/20240124063948_adjust_peer_disconnect.up.sql new file mode 100644 index 000000000..be83412e9 --- /dev/null +++ b/migrations/20240124063948_adjust_peer_disconnect.up.sql @@ -0,0 +1 @@ +ALTER TABLE wireguard_network ALTER COLUMN peer_disconnect_threshold SET DEFAULT 180; diff --git a/src/db/models/wireguard.rs b/src/db/models/wireguard.rs index 03417c114..a12cca257 100644 --- a/src/db/models/wireguard.rs +++ b/src/db/models/wireguard.rs @@ -25,7 +25,7 @@ use crate::{ }; pub const DEFAULT_KEEPALIVE_INTERVAL: i32 = 25; -pub const DEFAULT_DISCONNECT_THRESHOLD: i32 = 25; +pub const DEFAULT_DISCONNECT_THRESHOLD: i32 = 180; // Used in process of importing network from wireguard config #[derive(Debug, Clone, Deserialize, Serialize)] diff --git a/src/wireguard_peer_disconnect.rs b/src/wireguard_peer_disconnect.rs index 34d1757b6..ddb3e9308 100644 --- a/src/wireguard_peer_disconnect.rs +++ b/src/wireguard_peer_disconnect.rs @@ -18,7 +18,7 @@ use thiserror::Error; use tokio::{sync::broadcast::Sender, time::sleep}; // How long to sleep between loop iterations -const DISCONNECT_LOOP_SLEEP_SECONDS: u64 = 180; // 3 minutes +const DISCONNECT_LOOP_SLEEP_SECONDS: u64 = 60; // 1 minute #[derive(Debug, Error)] pub enum PeerDisconnectError { diff --git a/tests/user.rs b/tests/user.rs index 07238c70f..aa4e31368 100644 --- a/tests/user.rs +++ b/tests/user.rs @@ -571,7 +571,7 @@ fn make_network() -> Value { "allowed_groups": [], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 }) } diff --git a/tests/wireguard.rs b/tests/wireguard.rs index c999da6cd..59446a48a 100644 --- a/tests/wireguard.rs +++ b/tests/wireguard.rs @@ -27,7 +27,7 @@ fn make_network() -> Value { "allowed_groups": [], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 }) } diff --git a/tests/wireguard_network_allowed_groups.rs b/tests/wireguard_network_allowed_groups.rs index 0822163a6..f387d8104 100644 --- a/tests/wireguard_network_allowed_groups.rs +++ b/tests/wireguard_network_allowed_groups.rs @@ -120,7 +120,7 @@ async fn test_create_new_network() { "allowed_groups": ["allowed group"], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -162,7 +162,7 @@ async fn test_modify_network() { "allowed_groups": [], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -193,7 +193,7 @@ async fn test_modify_network() { "allowed_groups": ["allowed group"], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -218,7 +218,7 @@ async fn test_modify_network() { "allowed_groups": ["allowed group", "not allowed group"], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -244,7 +244,7 @@ async fn test_modify_network() { "allowed_groups": ["not allowed group"], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -269,7 +269,7 @@ async fn test_modify_network() { "allowed_groups": [], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; @@ -507,7 +507,7 @@ async fn test_modify_user() { "allowed_groups": ["allowed group"], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 })) .send() .await; diff --git a/tests/wireguard_network_stats.rs b/tests/wireguard_network_stats.rs index 71f69f97f..8f73d049e 100644 --- a/tests/wireguard_network_stats.rs +++ b/tests/wireguard_network_stats.rs @@ -26,7 +26,7 @@ fn make_network() -> Value { "allowed_groups": [], "mfa_enabled": false, "keepalive_interval": 25, - "peer_disconnect_threshold": 75 + "peer_disconnect_threshold": 180 }) } diff --git a/web/src/i18n/en/index.ts b/web/src/i18n/en/index.ts index 6d6acb4e8..358c71b1d 100644 --- a/web/src/i18n/en/index.ts +++ b/web/src/i18n/en/index.ts @@ -1287,10 +1287,10 @@ const en: BaseTranslation = { label: 'Require MFA for this Location', }, keepalive_interval: { - label: 'Keepalive interval', + label: 'Keepalive interval [seconds]', }, peer_disconnect_threshold: { - label: 'Peer disconnect threshold', + label: 'Peer disconnect threshold [seconds]', }, }, controls: { diff --git a/web/src/i18n/i18n-types.ts b/web/src/i18n/i18n-types.ts index c86f4eb14..fe3acefb8 100644 --- a/web/src/i18n/i18n-types.ts +++ b/web/src/i18n/i18n-types.ts @@ -3011,13 +3011,13 @@ type RootTranslation = { } keepalive_interval: { /** - * K​e​e​p​a​l​i​v​e​ ​i​n​t​e​r​v​a​l + * K​e​e​p​a​l​i​v​e​ ​i​n​t​e​r​v​a​l​ ​[​s​e​c​o​n​d​s​] */ label: string } peer_disconnect_threshold: { /** - * P​e​e​r​ ​d​i​s​c​o​n​n​e​c​t​ ​t​h​r​e​s​h​o​l​d + * P​e​e​r​ ​d​i​s​c​o​n​n​e​c​t​ ​t​h​r​e​s​h​o​l​d​ ​[​s​e​c​o​n​d​s​] */ label: string } @@ -6541,13 +6541,13 @@ export type TranslationFunctions = { } keepalive_interval: { /** - * Keepalive interval + * Keepalive interval [seconds] */ label: () => LocalizedString } peer_disconnect_threshold: { /** - * Peer disconnect threshold + * Peer disconnect threshold [seconds] */ label: () => LocalizedString } diff --git a/web/src/i18n/pl/index.ts b/web/src/i18n/pl/index.ts index e3c3d3a55..dc024bc0b 100644 --- a/web/src/i18n/pl/index.ts +++ b/web/src/i18n/pl/index.ts @@ -1272,10 +1272,10 @@ Uwaga, konfiguracje tutaj podane, nie posiadają twojego klucza prywatnego. Musi label: 'Wymagaj MFA dla tej lokalizacji', }, keepalive_interval: { - label: 'Utrzymanie połączenia', + label: 'Utrzymanie połączenia [sekundy]', }, peer_disconnect_threshold: { - label: 'Peer disconnect threshold', + label: 'Peer disconnect threshold [sekundy]', }, }, controls: { diff --git a/web/src/pages/network/NetworkEditForm/NetworkEditForm.tsx b/web/src/pages/network/NetworkEditForm/NetworkEditForm.tsx index a4ddc9ae3..1331eba52 100644 --- a/web/src/pages/network/NetworkEditForm/NetworkEditForm.tsx +++ b/web/src/pages/network/NetworkEditForm/NetworkEditForm.tsx @@ -50,7 +50,7 @@ const defaultValues: FormFields = { dns: '', mfa_enabled: false, keepalive_interval: 25, - peer_disconnect_threshold: 75, + peer_disconnect_threshold: 180, }; const networkToForm = (data?: Network): FormFields => { @@ -197,7 +197,7 @@ export const NetworkEditForm = () => { peer_disconnect_threshold: yup .number() .positive() - .min(1) + .min(120) .required(LL.form.error.required()), }) .required(); diff --git a/web/src/pages/wizard/components/WizardNetworkConfiguration/WizardNetworkConfiguration.tsx b/web/src/pages/wizard/components/WizardNetworkConfiguration/WizardNetworkConfiguration.tsx index c9370c1bd..40b2d529c 100644 --- a/web/src/pages/wizard/components/WizardNetworkConfiguration/WizardNetworkConfiguration.tsx +++ b/web/src/pages/wizard/components/WizardNetworkConfiguration/WizardNetworkConfiguration.tsx @@ -140,7 +140,7 @@ export const WizardNetworkConfiguration = () => { peer_disconnect_threshold: yup .number() .positive() - .min(1) + .min(120) .required(LL.form.error.required()), }) .required(), diff --git a/web/src/pages/wizard/hooks/useWizardStore.ts b/web/src/pages/wizard/hooks/useWizardStore.ts index 5d19275fb..20dc92260 100644 --- a/web/src/pages/wizard/hooks/useWizardStore.ts +++ b/web/src/pages/wizard/hooks/useWizardStore.ts @@ -27,7 +27,7 @@ const defaultValues: StoreFields = { dns: '', mfa_enabled: false, keepalive_interval: 25, - peer_disconnect_threshold: 75, + peer_disconnect_threshold: 180, }, };