summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--.github/workflows/add-rebase-label.yml14
-rw-r--r--op-mode-definitions/dhcp.xml.in4
-rw-r--r--op-mode-definitions/dns-dynamic.xml.in2
-rw-r--r--op-mode-definitions/dns-forwarding.xml.in2
-rw-r--r--op-mode-definitions/igmp-proxy.xml.in2
-rw-r--r--op-mode-definitions/mdns-reflector.xml.in2
-rw-r--r--op-mode-definitions/restart-router-advert.xml.in2
-rw-r--r--op-mode-definitions/restart-snmp.xml.in2
-rw-r--r--op-mode-definitions/restart-ssh.xml.in2
-rw-r--r--op-mode-definitions/reverse-proxy.xml.in2
-rw-r--r--op-mode-definitions/suricata.xml.in2
-rw-r--r--op-mode-definitions/vpn-ipsec.xml.in2
-rw-r--r--op-mode-definitions/vrrp.xml.in2
-rw-r--r--op-mode-definitions/webproxy.xml.in2
-rwxr-xr-xscripts/build-command-op-templates6
-rwxr-xr-xsrc/op_mode/restart.py127
16 files changed, 159 insertions, 16 deletions
diff --git a/.github/workflows/add-rebase-label.yml b/.github/workflows/add-rebase-label.yml
new file mode 100644
index 000000000..4cf3545ba
--- /dev/null
+++ b/.github/workflows/add-rebase-label.yml
@@ -0,0 +1,14 @@
+name: Add rebase label
+
+on:
+ pull_request_target:
+ types: [synchronize, opened, reopened, labeled, unlabeled]
+
+permissions:
+ pull-requests: write
+ contents: read
+
+jobs:
+ add-rebase-label:
+ uses: vyos/.github/.github/workflows/add-rebase-label.yml@current
+ secrets: inherit
diff --git a/op-mode-definitions/dhcp.xml.in b/op-mode-definitions/dhcp.xml.in
index eee6937d6..b3438ab80 100644
--- a/op-mode-definitions/dhcp.xml.in
+++ b/op-mode-definitions/dhcp.xml.in
@@ -245,7 +245,7 @@
<properties>
<help>Restart DHCP server</help>
</properties>
- <command>if cli-shell-api existsActive service dhcp-server; then sudo systemctl restart kea-dhcp4-server.service; else echo "DHCP server not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name dhcp</command>
</node>
<node name="relay-agent">
<properties>
@@ -264,7 +264,7 @@
<properties>
<help>Restart DHCPv6 server</help>
</properties>
- <command>if cli-shell-api existsActive service dhcpv6-server; then sudo systemctl restart kea-dhcp6-server.service; else echo "DHCPv6 server not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name dhcpv6</command>
</node>
<node name="relay-agent">
<properties>
diff --git a/op-mode-definitions/dns-dynamic.xml.in b/op-mode-definitions/dns-dynamic.xml.in
index 45d58e2e8..ef0f03988 100644
--- a/op-mode-definitions/dns-dynamic.xml.in
+++ b/op-mode-definitions/dns-dynamic.xml.in
@@ -97,7 +97,7 @@
<properties>
<help>Restart Dynamic DNS service</help>
</properties>
- <command>if cli-shell-api existsActive service dns dynamic; then sudo systemctl restart ddclient.service; else echo "Dynamic DNS not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name dns_dynamic</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/dns-forwarding.xml.in b/op-mode-definitions/dns-forwarding.xml.in
index 29bfc61cf..fac3fc345 100644
--- a/op-mode-definitions/dns-forwarding.xml.in
+++ b/op-mode-definitions/dns-forwarding.xml.in
@@ -73,7 +73,7 @@
<properties>
<help>Restart DNS Forwarding service</help>
</properties>
- <command>if cli-shell-api existsActive service dns forwarding; then sudo systemctl restart pdns-recursor.service; else echo "DNS forwarding not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name dns_forwarding</command>
</leafNode>
</children>
</node>
diff --git a/op-mode-definitions/igmp-proxy.xml.in b/op-mode-definitions/igmp-proxy.xml.in
index 8533138d7..d6ad7ed7e 100644
--- a/op-mode-definitions/igmp-proxy.xml.in
+++ b/op-mode-definitions/igmp-proxy.xml.in
@@ -6,7 +6,7 @@
<properties>
<help>Restart the IGMP proxy process</help>
</properties>
- <command>sudo systemctl restart igmpproxy.service</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name igmp_proxy</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/mdns-reflector.xml.in b/op-mode-definitions/mdns-reflector.xml.in
index a90d4d385..115b2858c 100644
--- a/op-mode-definitions/mdns-reflector.xml.in
+++ b/op-mode-definitions/mdns-reflector.xml.in
@@ -53,7 +53,7 @@
<properties>
<help>Restart mDNS repeater service</help>
</properties>
- <command>sudo systemctl restart avahi-daemon.service</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name mdns_repeater</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/restart-router-advert.xml.in b/op-mode-definitions/restart-router-advert.xml.in
index 304b4dfd3..9eea3dfc4 100644
--- a/op-mode-definitions/restart-router-advert.xml.in
+++ b/op-mode-definitions/restart-router-advert.xml.in
@@ -6,7 +6,7 @@
<properties>
<help>Restart IPv6 Router Advertisement service</help>
</properties>
- <command>if cli-shell-api existsActive service router-advert; then sudo systemctl restart radvd.service; else echo "IPv6 Router Advertisement service not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name router_advert</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/restart-snmp.xml.in b/op-mode-definitions/restart-snmp.xml.in
index 7de27df64..e9c43de01 100644
--- a/op-mode-definitions/restart-snmp.xml.in
+++ b/op-mode-definitions/restart-snmp.xml.in
@@ -6,7 +6,7 @@
<properties>
<help>Restart SNMP service</help>
</properties>
- <command>if cli-shell-api existsActive service snmp; then sudo systemctl restart snmpd.service; else echo "Service SNMP not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name snmp</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/restart-ssh.xml.in b/op-mode-definitions/restart-ssh.xml.in
index 543cafc24..914586df8 100644
--- a/op-mode-definitions/restart-ssh.xml.in
+++ b/op-mode-definitions/restart-ssh.xml.in
@@ -6,7 +6,7 @@
<properties>
<help>Restart SSH service</help>
</properties>
- <command>if cli-shell-api existsActive service ssh; then sudo systemctl restart "ssh@*.service"; else echo "Service SSH not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name ssh --vrf "*"</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/reverse-proxy.xml.in b/op-mode-definitions/reverse-proxy.xml.in
index 4af24880b..b45ce107f 100644
--- a/op-mode-definitions/reverse-proxy.xml.in
+++ b/op-mode-definitions/reverse-proxy.xml.in
@@ -6,7 +6,7 @@
<properties>
<help>Restart reverse-proxy service</help>
</properties>
- <command>if cli-shell-api existsActive load-balancing reverse-proxy; then sudo systemctl restart haproxy.service; else echo "Reverse-Proxy not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name reverse_proxy</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/suricata.xml.in b/op-mode-definitions/suricata.xml.in
index a5025afba..ff1f84706 100644
--- a/op-mode-definitions/suricata.xml.in
+++ b/op-mode-definitions/suricata.xml.in
@@ -16,7 +16,7 @@
<properties>
<help>Restart Suricata service</help>
</properties>
- <command>if systemctl is-active --quiet suricata; then sudo systemctl restart suricata.service; else echo "Service Suricata not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name suricata</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/vpn-ipsec.xml.in b/op-mode-definitions/vpn-ipsec.xml.in
index b551af2be..0a8671aeb 100644
--- a/op-mode-definitions/vpn-ipsec.xml.in
+++ b/op-mode-definitions/vpn-ipsec.xml.in
@@ -112,7 +112,7 @@
<properties>
<help>Restart the IPsec VPN process</help>
</properties>
- <command>if systemctl is-active --quiet strongswan; then sudo systemctl restart strongswan ; echo "IPsec process restarted"; else echo "IPsec process not running" ; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name ipsec</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/vrrp.xml.in b/op-mode-definitions/vrrp.xml.in
index 34484c706..158e7093e 100644
--- a/op-mode-definitions/vrrp.xml.in
+++ b/op-mode-definitions/vrrp.xml.in
@@ -30,7 +30,7 @@
<properties>
<help>Restart VRRP (Virtual Router Redundancy Protocol) process</help>
</properties>
- <command>sudo systemctl restart keepalived.service</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name vrrp</command>
</node>
</children>
</node>
diff --git a/op-mode-definitions/webproxy.xml.in b/op-mode-definitions/webproxy.xml.in
index 57df44ff8..ba13907b8 100644
--- a/op-mode-definitions/webproxy.xml.in
+++ b/op-mode-definitions/webproxy.xml.in
@@ -34,7 +34,7 @@
<properties>
<help>Restart WebProxy service</help>
</properties>
- <command>if cli-shell-api existsActive service webproxy; then sudo systemctl restart squid.service; else echo "Service WebProxy not configured"; fi</command>
+ <command>sudo ${vyos_op_scripts_dir}/restart.py restart_service --name webproxy</command>
</node>
</children>
</node>
diff --git a/scripts/build-command-op-templates b/scripts/build-command-op-templates
index 46ad634b9..d203fdcef 100755
--- a/scripts/build-command-op-templates
+++ b/scripts/build-command-op-templates
@@ -3,7 +3,7 @@
# build-command-template: converts new style command definitions in XML
# to the old style (bunch of dirs and node.def's) command templates
#
-# Copyright (C) 2017 VyOS maintainers <maintainers@vyos.net>
+# Copyright (C) 2017-2024 VyOS maintainers <maintainers@vyos.net>
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -20,6 +20,7 @@
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
# USA
+import re
import sys
import os
import argparse
@@ -108,7 +109,8 @@ def get_properties(p):
for i in lists:
comp_exprs.append("echo \"{0}\"".format(i.text))
for i in paths:
- comp_exprs.append("/bin/cli-shell-api listActiveNodes {0} | sed -e \"s/'//g\" && echo".format(i.text))
+ path = re.sub(r'\s+', '/', i.text)
+ comp_exprs.append("ls /opt/vyatta/config/active/{0} 2>/dev/null".format(path))
for i in scripts:
comp_exprs.append("{0}".format(i.text))
if comptype is not None:
diff --git a/src/op_mode/restart.py b/src/op_mode/restart.py
new file mode 100755
index 000000000..813d3a2b7
--- /dev/null
+++ b/src/op_mode/restart.py
@@ -0,0 +1,127 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2024 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+import sys
+import typing
+import vyos.opmode
+
+from vyos.configquery import ConfigTreeQuery
+from vyos.utils.process import call
+from vyos.utils.commit import commit_in_progress
+
+config = ConfigTreeQuery()
+
+service_map = {
+ 'dhcp' : {
+ 'systemd_service': 'kea-dhcp4-server',
+ 'path': ['service', 'dhcp-server'],
+ },
+ 'dhcpv6' : {
+ 'systemd_service': 'kea-dhcp6-server',
+ 'path': ['service', 'dhcpv6-server'],
+ },
+ 'dns_dynamic': {
+ 'systemd_service': 'ddclient',
+ 'path': ['service', 'dns', 'dynamic'],
+ },
+ 'dns_forwarding': {
+ 'systemd_service': 'pdns-recursor',
+ 'path': ['service', 'dns', 'forwarding'],
+ },
+ 'igmp_proxy': {
+ 'systemd_service': 'igmpproxy',
+ 'path': ['protocols', 'igmp-proxy'],
+ },
+ 'ipsec': {
+ 'systemd_service': 'strongswan',
+ 'path': ['vpn', 'ipsec'],
+ },
+ 'mdns_repeater': {
+ 'systemd_service': 'avahi-daemon',
+ 'path': ['service', 'mdns', 'repeater'],
+ },
+ 'reverse_proxy': {
+ 'systemd_service': 'haproxy',
+ 'path': ['load-balancing', 'reverse-proxy'],
+ },
+ 'router_advert': {
+ 'systemd_service': 'radvd',
+ 'path': ['service', 'router-advert'],
+ },
+ 'snmp' : {
+ 'systemd_service': 'snmpd',
+ },
+ 'ssh' : {
+ 'systemd_service': 'ssh',
+ },
+ 'suricata' : {
+ 'systemd_service': 'suricata',
+ },
+ 'vrrp' : {
+ 'systemd_service': 'keepalived',
+ 'path': ['high-availability', 'vrrp'],
+ },
+ 'webproxy' : {
+ 'systemd_service': 'squid',
+ },
+}
+services = typing.Literal['dhcp', 'dhcpv6', 'dns_dynamic', 'dns_forwarding', 'igmp_proxy', 'ipsec', 'mdns_repeater', 'reverse_proxy', 'router_advert', 'snmp', 'ssh', 'suricata' 'vrrp', 'webproxy']
+
+def _verify(func):
+ """Decorator checks if DHCP(v6) config exists"""
+ from functools import wraps
+
+ @wraps(func)
+ def _wrapper(*args, **kwargs):
+ config = ConfigTreeQuery()
+ name = kwargs.get('name')
+ human_name = name.replace('_', '-')
+
+ if commit_in_progress():
+ print(f'Cannot restart {human_name} service while a commit is in progress')
+ sys.exit(1)
+
+ # Get optional CLI path from service_mapping dict
+ # otherwise use "service name" CLI path
+ path = ['service', name]
+ if 'path' in service_map[name]:
+ path = service_map[name]['path']
+
+ # Check if config does not exist
+ if not config.exists(path):
+ raise vyos.opmode.UnconfiguredSubsystem(f'Service {human_name} is not configured!')
+ if config.exists(path + ['disable']):
+ raise vyos.opmode.UnconfiguredSubsystem(f'Service {human_name} is disabled!')
+ return func(*args, **kwargs)
+
+ return _wrapper
+
+@_verify
+def restart_service(raw: bool, name: services, vrf: typing.Optional[str]):
+ systemd_service = service_map[name]['systemd_service']
+ if vrf:
+ call(f'systemctl restart "{systemd_service}@{vrf}.service"')
+ else:
+ call(f'systemctl restart "{systemd_service}.service"')
+
+if __name__ == '__main__':
+ try:
+ res = vyos.opmode.run(sys.modules[__name__])
+ if res:
+ print(res)
+ except (ValueError, vyos.opmode.Error) as e:
+ print(e)
+ sys.exit(1)