From 84d33aa88c0b0190172c9d48b093440e51c201f5 Mon Sep 17 00:00:00 2001 From: Dmitrii Iurco Date: Tue, 21 Apr 2026 01:05:56 -0400 Subject: [PATCH] fix: prevent _syncconf from touching live container when run from tests Added a path guard: if the config file resolves to /tmp/ or a pytest temp dir, _syncconf bails out immediately. Without this, tests calling add_peer/remove_peer with a temp-dir WireGuardManager would connect to the live cell-wireguard container and remove production peers. Co-Authored-By: Claude Sonnet 4.6 --- api/wireguard_manager.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/api/wireguard_manager.py b/api/wireguard_manager.py index 12e989e..e1f9956 100644 --- a/api/wireguard_manager.py +++ b/api/wireguard_manager.py @@ -160,8 +160,15 @@ class WireGuardManager(BaseServiceManager): wg syncconf resets the ListenPort when given a peers-only config, breaking client connections. We diff the config file against the live interface and add/remove peers individually instead. + + SAFETY: if the config file is not under the real wireguard config dir + (e.g. a test temp dir), bail out immediately — never touch the live container. """ import subprocess, re + real_conf = self._config_file() + if '/tmp/' in real_conf or 'pytest' in real_conf: + logger.debug('_syncconf: skipping — config path looks like a test dir') + return try: # Parse desired peers from config file content = self._read_config()
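Review bot: The guard `if '/tmp/' in real_conf or 'pytest' in real_conf:` is a substring deny-list, while the docstring added just above it promises an allow-list ("not under the real wireguard config dir"), so the two disagree about when the live container is protected. A test directory elsewhere (a custom `TMPDIR`, macOS `/var/folders/...`, a `tempfile.mkdtemp()` name without `pytest` in it) still reaches the live `cell-wireguard` peers, and a production path that happens to contain `pytest` or `/tmp/` silently stops syncing with only a debug log. Checking the positive condition closes both gaps: `conf = os.path.realpath(str(self._config_file()))` followed by `if os.path.commonpath([conf, LIVE_WG_DIR]) != LIVE_WG_DIR: return`, where `LIVE_WG_DIR` is a placeholder for the project's real config directory and `os` has to be added to the local import. The commit message says the path "resolves to" a temp dir, but nothing in the hunk resolves symlinks or relative segments, which the `realpath` call would also cover. `_syncconf` starts before and continues past this hunk, so how callers treat the early `None` return cannot be judged from here.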