wg-apply is a command-line tool designed to reload the config file of wg-quick (located under /etc/wireguard) seamlessly. Unlike shutting down the entire interface, wg-apply makes changes as needed, without resetting the status of the WireGuard interface or causing any interruption to non-affected peers.
While wg-apply currently only supports the config file of wg-quick, a systemd-networkd compatible implementation is planned and coming soon.
There are two ways to use wg-apply:
You can simply use wg-apply wg0 as a replacement for wg-quick up wg0.
Please note that wg-apply does not intend to support the following options found in the wg-quick configure file: DNS=, PreUp=, PostUp=, PreDown=, PostDown=, and SaveConfig=. If you need these feature, I'd recommand you still use wg-quick up wg0 to bring up the interface.
wg-apply can be configured as ExecReload= for wg-quick@.service:
-
Execute the following command to create an override file for the
wg-quick@.service:systemctl edit wg-quick@.service
-
Add the following lines to the file, between the hint comments:
[Service] ExecReload= ExecReload=/usr/local/bin/wg-apply %i
-
Save and close the file.
-
Finally, execute the following command to reload the wg-quick configuration file for the specified WireGuard interface (in this case,
wg0):systemctl reload wg-quick@wg0.service