wireguard: T5924: harden migration script logic 22-to-23

The original commit 2c1c36135 ("wireguard: T5413: Blocked adding the peer with
the router's public key") did not honor the fact that there might be no
private-key CLI node defined for a WireGuard interface. If this is the case,
private-key defaults to "default". This fact needs to be handled in the
migration script.

1 files changed, 5 insertions, 3 deletions

diff --git a/src/migration-scripts/interfaces/22-to-23 b/src/migration-scripts/interfaces/22-to-23
index c3c4ea366..a66bd303b 100755
--- a/src/migration-scripts/interfaces/22-to-23
+++ b/src/migration-scripts/interfaces/22-to-23
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2023 VyOS maintainers and contributors
+# Copyright (C) 2024 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -33,9 +33,11 @@ if __name__ == '__main__':
     if not config.exists(base):
         # Nothing to do
         sys.exit(0)
+
     for interface in config.list_nodes(base):
-        private_key_name = config.return_value(
-            base + [interface, 'private-key'])
+        private_key_name = 'default'
+        if config.exists(base + [interface, 'private-key']):
+            private_key_name = config.return_value(base + [interface, 'private-key'])
         private_key_path = f'/config/auth/wireguard/{private_key_name}/private.key'
         with open(private_key_path, 'r') as file:
             private_key = file.read().rstrip()