Context

The desktop client is split into a GUI and a separate service that runs in the background with elevated privileges to manage network interfaces.

At the moment the daemon is "dumb" and mostly stateless. It just listens for incoming gRPC requests and exposes basic functions from our wireguard-rs library.

When a request to configure a wireguard interface is received there is no notion of this request being related to any previously created interface. Each time we start with a blank slate (that's why we must provide the interface name for each request).
The daemon also has no knowledge of the state of the GUI client.

Proposal

My proposal is to leverage the bidirectional streaming functionality of gRPC to establish a persistent connection between the GUI and interface management daemon.

This would have the following advantages:

• make both components immediately aware of any issues with the other side
• prevent any possibility of the background service creating any interfaces unless the GUI is active (no network interface without a Defguard icon in the tray bar)
• simplify interface stats streaming (no additional issues with dangling threads)
• prevent constant errors in the background service caused by stats streaming thread not being aware that an interface has been disconnected