From 14df3e24dfff55638e07c4fc170628dcef3b97d0 Mon Sep 17 00:00:00 2001
From: Gregor Michels
Date: Wed, 22 Mar 2023 23:26:03 +0100
Subject: [PATCH] gw-core01: fix broken mgmt tunnel
---
 documentation/INCIDENTS.md | 28 +++++++++++++++++++
 .../gateways/gw-core01/etc/config/network | 1 -
 2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/documentation/INCIDENTS.md b/documentation/INCIDENTS.md
index cbb57f2..ef2701e 100644
--- a/documentation/INCIDENTS.md
+++ b/documentation/INCIDENTS.md
@@ -1476,6 +1476,34 @@ Tue Feb 28 08:44:16 2023 daemon.warn dnsmasq[1]: Maximum number of concurrent DN
 see `a236643` for details
+041 2023.03.11 19:20 - 2023.03.13 20:30 (ADP) | broken management vpn tunnel
+----------------------------------------------------------------------------
+
+```
+root@gw-core01:~# date
+Mon Mar 13 19:40:48 2023
+root@gw-core01:~# wg
+interface: wg0
+ public key: 1lYOjFZBY4WbaVmyWFuesVbgfFrfqDTnmAIrXTWLkh4=
+ private key: (hidden)
+ listening port: 51820
+
+peer: 9j6aZs+ViG9d9xw8AofRo10FPosW6LpDIv0IHtqP4UM=
+ preshared key: (hidden)
+ endpoint: 162.55.53.85:51820
+ allowed ips: 0.0.0.0/0
+ latest handshake: 1 day, 23 hours, 55 minutes, 49 seconds ago
+ transfer: 1.17 GiB received, 16.71 GiB sent
+ persistent keepalive: every 15 seconds
+root@gw-core01:~# ifdown wg0
+root@gw-core01:~# ifup wg0
+root@gw-core01:~# echo wg0 still not handshaking properly
+root@gw-core01:~# uci delete network.wg0.listen_port
+root@gw-core01:~# /etc/init.d/network reload
+root@gw-core01:~# echo wg0 is up again !
+root@gw-core01:~# uci commit network
+```
+
 042 2023.03.12 18:00 - 2023.03.22 19:30 (RGS) | `ap-1374` (`kitchen-og`) down
 -----------------------------------------------------------------------------
diff --git a/templates/gateways/gw-core01/etc/config/network b/templates/gateways/gw-core01/etc/config/network
index 1359ad5..fc5865d 100644
--- a/templates/gateways/gw-core01/etc/config/network
+++ b/templates/gateways/gw-core01/etc/config/network
@@ -91,7 +91,6 @@ config interface 'backoffice'
 config interface 'wg0'
 option proto 'wireguard'
 option private_key "{{ lookup('passwordstore', 'wg/wg0/gw-core01') }}"
- option listen_port 51820
 option mtu 1350
 list addresses '10.84.254.1/31'