Summary
I have a peer with public key X. In vyos config, I change public key for this peer to Y and commit. After this, I am now left with two peers with duplicate configs except one has public key X and another has public key Y
Steps to reproduce
Wireguard config
vyos@router# show interfaces wireguard wg1 address 10.20.203.230/32 mtu 1432 peer pia-de-frankfurt { address allowed-ips 0.0.0.0/0 description "PIA DE Frankfurt" persistent-keepalive 10 port 1337 public-key vRmrVyZc9if1AoZTqS+nAoRqiNj5ZwOneJbwSURUtRc= } port 51821 private-key ...
vyos@router# sudo wg show wg1 interface: wg1 public key: iL9k46UCSGPljlq+McVoYfmxCu4bphGB4rD+/HmSuRA= private key: (hidden) listening port: 51821 peer: vRmrVyZc9if1AoZTqS+nAoRqiNj5ZwOneJbwSURUtRc= endpoint: 138.199.18.149:1337 allowed ips: 0.0.0.0/0 latest handshake: 41 seconds ago transfer: 184 B received, 872 B sent persistent keepalive: every 10 seconds [edit] vyos@router# set interfaces wireguard wg1 peer pia-de-frankfurt public-key 'cMsnQ0Va1vyU7j/JY/fuImeH0ScP8A0yIGwMylAa9XM=' [edit] vyos@router# commit [edit] vyos@router# sudo wg show wg1 interface: wg1 public key: iL9k46UCSGPljlq+McVoYfmxCu4bphGB4rD+/HmSuRA= private key: (hidden) listening port: 51821 peer: vRmrVyZc9if1AoZTqS+nAoRqiNj5ZwOneJbwSURUtRc= endpoint: 138.199.18.149:1337 allowed ips: (none) latest handshake: 1 minute, 13 seconds ago transfer: 184 B received, 968 B sent persistent keepalive: every 10 seconds peer: cMsnQ0Va1vyU7j/JY/fuImeH0ScP8A0yIGwMylAa9XM= endpoint: 138.199.18.149:1337 allowed ips: 0.0.0.0/0 transfer: 0 B received, 592 B sent persistent keepalive: every 10 seconds
Expected
It should remove the peer with public key vRmrVyZc9if1AoZTqS+nAoRqiNj5ZwOneJbwSURUtRc= completely and then add the new peer.
Instead it adds 2 peers with the same routes and that breaks connectivity.