summaryrefslogtreecommitdiff
path: root/data/templates
diff options
context:
space:
mode:
Diffstat (limited to 'data/templates')
-rw-r--r--data/templates/macsec/wpa_supplicant.conf.tmpl21
-rw-r--r--data/templates/ssh/sshd_config.tmpl2
-rw-r--r--data/templates/wwan/ip-down.script.tmpl12
-rw-r--r--data/templates/wwan/ip-pre-up.script.tmpl10
-rw-r--r--data/templates/wwan/ip-up.script.tmpl12
-rw-r--r--data/templates/wwan/peer.tmpl24
6 files changed, 41 insertions, 40 deletions
diff --git a/data/templates/macsec/wpa_supplicant.conf.tmpl b/data/templates/macsec/wpa_supplicant.conf.tmpl
index a614d23f5..1731bf160 100644
--- a/data/templates/macsec/wpa_supplicant.conf.tmpl
+++ b/data/templates/macsec/wpa_supplicant.conf.tmpl
@@ -45,9 +45,10 @@ network={
# - the key server has decided to enable MACsec
# 0: Encrypt traffic (default)
# 1: Integrity only
- macsec_integ_only={{ '0' if security_encrypt else '1' }}
+ macsec_integ_only={{ '0' if security is defined and security.encrypt is defined else '1' }}
-{% if security_encrypt %}
+{% if security is defined %}
+{% if security.encrypt is defined %}
# mka_cak, mka_ckn, and mka_priority: IEEE 802.1X/MACsec pre-shared key mode
# This allows to configure MACsec with a pre-shared key using a (CAK,CKN) pair.
# In this mode, instances of wpa_supplicant can act as MACsec peers. The peer
@@ -56,21 +57,22 @@ network={
# hex-string (32 hex-digits) or a 32-byte (256-bit) hex-string (64 hex-digits)
# mka_ckn (CKN = CAK Name) takes a 1..32-bytes (8..256 bit) hex-string
# (2..64 hex-digits)
- mka_cak={{ security_mka_cak }}
- mka_ckn={{ security_mka_ckn }}
+ mka_cak={{ security.mka.cak }}
+ mka_ckn={{ security.mka.ckn }}
# mka_priority (Priority of MKA Actor) is in 0..255 range with 255 being
# default priority
- mka_priority={{ security_mka_priority }}
-{% endif %}
-{% if security_replay_window %}
+ mka_priority={{ security.mka.priority }}
+{% endif %}
+
+{% if security.replay_window is defined %}
# macsec_replay_protect: IEEE 802.1X/MACsec replay protection
# This setting applies only when MACsec is in use, i.e.,
# - macsec_policy is enabled
# - the key server has decided to enable MACsec
# 0: Replay protection disabled (default)
# 1: Replay protection enabled
- macsec_replay_protect={{ '1' if security_replay_window else '0' }}
+ macsec_replay_protect=1
# macsec_replay_window: IEEE 802.1X/MACsec replay protection window
# This determines a window in which replay is tolerated, to allow receipt
@@ -80,7 +82,8 @@ network={
# - the key server has decided to enable MACsec
# 0: No replay window, strict check (default)
# 1..2^32-1: number of packets that could be misordered
- macsec_replay_window={{ security_replay_window }}
+ macsec_replay_window={{ security.replay_window }}
+{% endif %}
{% endif %}
}
diff --git a/data/templates/ssh/sshd_config.tmpl b/data/templates/ssh/sshd_config.tmpl
index 1c136bb23..dbc5c3646 100644
--- a/data/templates/ssh/sshd_config.tmpl
+++ b/data/templates/ssh/sshd_config.tmpl
@@ -57,7 +57,7 @@ PasswordAuthentication {{ "no" if disable_password_authentication is defined els
ListenAddress {{ listen_address }}
{% else %}
{% for address in listen_address %}
-ListenAddress {{ value }}
+ListenAddress {{ address }}
{% endfor %}
{% endif %}
{% endif %}
diff --git a/data/templates/wwan/ip-down.script.tmpl b/data/templates/wwan/ip-down.script.tmpl
index f7b38cbc5..9dc15ea99 100644
--- a/data/templates/wwan/ip-down.script.tmpl
+++ b/data/templates/wwan/ip-down.script.tmpl
@@ -11,17 +11,17 @@ fi
# Determine if we are running inside a VRF or not, required for proper routing table
# NOTE: the down script can not be properly templated as we need the VRF name,
# which is not present on deletion, thus we read it from the operating system.
-if [ -d /sys/class/net/{{ intf }}/upper_* ]; then
+if [ -d /sys/class/net/{{ ifname }}/upper_* ]; then
# Determine upper (VRF) interface
- VRF=$(basename $(ls -d /sys/class/net/{{ intf }}/upper_*))
+ VRF=$(basename $(ls -d /sys/class/net/{{ ifname }}/upper_*))
# Remove upper_ prefix from result string
VRF_NAME=${VRF#"upper_"}
# Remove default route from VRF routing table
- vtysh -c "conf t" -c "vrf ${VRF_NAME}" -c "no ip route 0.0.0.0/0 {{ intf }}"
+ vtysh -c "conf t" -c "vrf ${VRF_NAME}" -c "no ip route 0.0.0.0/0 {{ ifname }}"
else
# Remove default route from GRT (global routing table)
- vtysh -c "conf t" -c "no ip route 0.0.0.0/0 {{ intf }}"
+ vtysh -c "conf t" -c "no ip route 0.0.0.0/0 {{ ifname }}"
fi
-DIALER_PID=$(cat /var/run/{{ intf }}.pid)
-logger -t pppd[$DIALER_PID] "removed default route via {{ intf }} metric {{ metric }}"
+DIALER_PID=$(cat /var/run/{{ ifname }}.pid)
+logger -t pppd[$DIALER_PID] "removed default route via {{ ifname }} metric {{ backup.distance }}"
diff --git a/data/templates/wwan/ip-pre-up.script.tmpl b/data/templates/wwan/ip-pre-up.script.tmpl
index 7a17a1c71..efc065bad 100644
--- a/data/templates/wwan/ip-pre-up.script.tmpl
+++ b/data/templates/wwan/ip-pre-up.script.tmpl
@@ -7,17 +7,17 @@ ipparam=$6
# device name and metric are received using ipparam
device=`echo "$ipparam"|awk '{ print $1 }'`
-if [ "$device" != "{{ intf }}" ]; then
+if [ "$device" != "{{ ifname }}" ]; then
exit
fi
# add some info to syslog
-DIALER_PID=$(cat /var/run/{{ intf }}.pid)
+DIALER_PID=$(cat /var/run/{{ ifname }}.pid)
logger -t pppd[$DIALER_PID] "executing $0"
-echo "{{ description }}" > /sys/class/net/{{ intf }}/ifalias
+echo "{{ description }}" > /sys/class/net/{{ ifname }}/ifalias
{% if vrf -%}
-logger -t pppd[$DIALER_PID] "configuring interface {{ intf }} for VRF {{ vrf }}"
-ip link set dev {{ intf }} master {{ vrf }}
+logger -t pppd[$DIALER_PID] "configuring interface {{ ifname }} for VRF {{ vrf }}"
+ip link set dev {{ ifname }} master {{ vrf }}
{% endif %}
diff --git a/data/templates/wwan/ip-up.script.tmpl b/data/templates/wwan/ip-up.script.tmpl
index 3a7eec800..2603a0286 100644
--- a/data/templates/wwan/ip-up.script.tmpl
+++ b/data/templates/wwan/ip-up.script.tmpl
@@ -9,17 +9,17 @@ if [ -z $(echo $2 | egrep "(ttyS[0-9]+|usb[0-9]+b.*)$") ]; then
fi
# Determine if we are running inside a VRF or not, required for proper routing table
-if [ -d /sys/class/net/{{ intf }}/upper_* ]; then
+if [ -d /sys/class/net/{{ ifname }}/upper_* ]; then
# Determine upper (VRF) interface
- VRF=$(basename $(ls -d /sys/class/net/{{ intf }}/upper_*))
+ VRF=$(basename $(ls -d /sys/class/net/{{ ifname }}/upper_*))
# Remove upper_ prefix from result string
VRF_NAME=${VRF#"upper_"}
# Remove default route from VRF routing table
- vtysh -c "conf t" -c "vrf ${VRF_NAME}" -c "ip route 0.0.0.0/0 {{ intf }} {{ metric }}"
+ vtysh -c "conf t" -c "vrf ${VRF_NAME}" -c "ip route 0.0.0.0/0 {{ ifname }} {{ backup.distance }}"
else
# Remove default route from GRT (global routing table)
- vtysh -c "conf t" -c "ip route 0.0.0.0/0 {{ intf }} {{ metric }}"
+ vtysh -c "conf t" -c "ip route 0.0.0.0/0 {{ ifname }} {{ backup.distance }}"
fi
-DIALER_PID=$(cat /var/run/{{ intf }}.pid)
-logger -t pppd[$DIALER_PID] "added default route via {{ intf }} metric {{ metric }} ${VRF_NAME}"
+DIALER_PID=$(cat /var/run/{{ ifname }}.pid)
+logger -t pppd[$DIALER_PID] "added default route via {{ ifname }} metric {{ backup.distance }} ${VRF_NAME}"
diff --git a/data/templates/wwan/peer.tmpl b/data/templates/wwan/peer.tmpl
index 0168283fd..aa759f741 100644
--- a/data/templates/wwan/peer.tmpl
+++ b/data/templates/wwan/peer.tmpl
@@ -1,19 +1,18 @@
### Autogenerated by interfaces-wirelessmodem.py ###
-{% if description %}
-# {{ description }}
-{% endif %}
-ifname {{ intf }}
-ipparam {{ intf }}
-linkname {{ intf }}
-{% if name_server -%}
-usepeerdns
-{%- endif %}
+{{ "# description: " + description if description is defined }}
+ifname {{ ifname }}
+ipparam {{ ifname }}
+linkname {{ ifname }}
+{{ "usepeerdns" if no_peer_dns is defined }}
# physical device
{{ device }}
lcp-echo-failure 0
115200
debug
+debug
+mtu {{ mtu }}
+mru {{ mtu }}
nodefaultroute
ipcp-max-failure 4
ipcp-accept-local
@@ -22,8 +21,7 @@ noauth
crtscts
lock
persist
-{% if on_demand -%}
-demand
-{%- endif %}
+{{ "demand" if ondemand is defined }}
+
+connect '/usr/sbin/chat -v -t6 -f /etc/ppp/peers/chat.{{ ifname }}'
-connect '/usr/sbin/chat -v -t6 -f {{ chat_script }}'