10 files changed, 210 insertions, 18 deletions
diff --git a/src/helpers/run-config-migration.py b/src/helpers/run-config-migration.py
index cc7166c22..ce647ad0a 100755
--- a/src/helpers/run-config-migration.py
+++ b/src/helpers/run-config-migration.py
@@ -20,7 +20,7 @@ import sys
 import argparse
 import datetime
 
-from vyos.util import cmd
+from vyos.utils.process import cmd
 from vyos.migrator import Migrator, VirtualMigrator
 
 def main():
diff --git a/src/helpers/vyos-boot-config-loader.py b/src/helpers/vyos-boot-config-loader.py
index b9cc87bfa..01b06526d 100755
--- a/src/helpers/vyos-boot-config-loader.py
+++ b/src/helpers/vyos-boot-config-loader.py
@@ -26,7 +26,7 @@ from datetime import datetime
 from vyos.defaults import directories, config_status
 from vyos.configsession import ConfigSession, ConfigSessionError
 from vyos.configtree import ConfigTree
-from vyos.util import cmd
+from vyos.utils.process import cmd
 
 STATUS_FILE = config_status
 TRACE_FILE = '/tmp/boot-config-trace'
diff --git a/src/helpers/vyos-check-wwan.py b/src/helpers/vyos-check-wwan.py
index 2ff9a574f..334f08dd3 100755
--- a/src/helpers/vyos-check-wwan.py
+++ b/src/helpers/vyos-check-wwan.py
@@ -17,7 +17,7 @@
 from vyos.configquery import VbashOpRun
 from vyos.configquery import ConfigTreeQuery
 
-from vyos.util import is_wwan_connected
+from vyos.utils.network import is_wwan_connected
 
 conf = ConfigTreeQuery()
 dict = conf.get_config_dict(['interfaces', 'wwan'], key_mangling=('-', '_'),
diff --git a/src/helpers/vyos-domain-resolver.py b/src/helpers/vyos-domain-resolver.py
index e31d9238e..2036ca72e 100755
--- a/src/helpers/vyos-domain-resolver.py
+++ b/src/helpers/vyos-domain-resolver.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2022 VyOS maintainers and contributors
+# Copyright (C) 2022-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -22,10 +22,10 @@ from vyos.configdict import dict_merge
 from vyos.configquery import ConfigTreeQuery
 from vyos.firewall import fqdn_config_parse
 from vyos.firewall import fqdn_resolve
-from vyos.util import cmd
-from vyos.util import commit_in_progress
-from vyos.util import dict_search_args
-from vyos.util import run
+from vyos.utils.commit import commit_in_progress
+from vyos.utils.dict import dict_search_args
+from vyos.utils.process import cmd
+from vyos.utils.process import run
 from vyos.xml import defaults
 
 base = ['firewall']
diff --git a/src/helpers/vyos-failover.py b/src/helpers/vyos-failover.py
index ce4cf8fa4..cc7610370 100755
--- a/src/helpers/vyos-failover.py
+++ b/src/helpers/vyos-failover.py
@@ -20,7 +20,7 @@ import subprocess
 import socket
 import time
 
-from vyos.util import rc_cmd
+from vyos.utils.process import rc_cmd
 from pathlib import Path
 from systemd import journal
 
diff --git a/src/helpers/vyos-interface-rescan.py b/src/helpers/vyos-interface-rescan.py
index 1ac1810e0..012357259 100755
--- a/src/helpers/vyos-interface-rescan.py
+++ b/src/helpers/vyos-interface-rescan.py
@@ -24,7 +24,7 @@ import netaddr
 
 from vyos.configtree import ConfigTree
 from vyos.defaults import directories
-from vyos.util import get_cfg_group_id
+from vyos.utils.permission import get_cfg_group_id
 
 debug = False
 
diff --git a/src/helpers/vyos-merge-config.py b/src/helpers/vyos-merge-config.py
index 14df2734b..8997705fe 100755
--- a/src/helpers/vyos-merge-config.py
+++ b/src/helpers/vyos-merge-config.py
@@ -1,6 +1,6 @@
 #!/usr/bin/python3
 
-# Copyright 2019 VyOS maintainers and contributors <maintainers@vyos.io>
+# Copyright 2019-2023 VyOS maintainers and contributors <maintainers@vyos.io>
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -20,11 +20,12 @@ import os
 import tempfile
 import vyos.defaults
 import vyos.remote
+
 from vyos.config import Config
 from vyos.configtree import ConfigTree
 from vyos.migrator import Migrator, VirtualMigrator
-from vyos.util import cmd, DEVNULL
-
+from vyos.utils.process import cmd
+from vyos.utils.process import DEVNULL
 
 if (len(sys.argv) < 2):
     print("Need config file name to merge.")
diff --git a/src/helpers/vyos-sudo.py b/src/helpers/vyos-sudo.py
index 3e4c196d9..75dd7f29d 100755
--- a/src/helpers/vyos-sudo.py
+++ b/src/helpers/vyos-sudo.py
@@ -18,7 +18,7 @@
 import os
 import sys
 
-from vyos.util import is_admin
+from vyos.utils.permission import is_admin
 
 
 if __name__ == '__main__':
diff --git a/src/helpers/vyos_config_sync.py b/src/helpers/vyos_config_sync.py
new file mode 100755
index 000000000..7cfa8fe88
--- /dev/null
+++ b/src/helpers/vyos_config_sync.py
@@ -0,0 +1,192 @@
+#!/usr/bin/env python3
+#
+# Copyright (C) 2023 VyOS maintainers and contributors
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License version 2 or later as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+#
+#
+
+import os
+import json
+import requests
+import urllib3
+import logging
+from typing import Optional, List, Union, Dict, Any
+
+from vyos.config import Config
+from vyos.template import bracketize_ipv6
+
+
+CONFIG_FILE = '/run/config_sync_conf.conf'
+
+# Logging
+logging.basicConfig(level=logging.INFO)
+logger = logging.getLogger(__name__)
+logger.name = os.path.basename(__file__)
+
+# API
+API_HEADERS = {'Content-Type': 'application/json'}
+
+
+def post_request(url: str,
+                 data: str,
+                 headers: Dict[str, str]) -> requests.Response:
+    """Sends a POST request to the specified URL
+
+    Args:
+        url (str): The URL to send the POST request to.
+        data (Dict[str, Any]): The data to send with the POST request.
+        headers (Dict[str, str]): The headers to include with the POST request.
+
+    Returns:
+        requests.Response: The response object representing the server's response to the request
+    """
+
+    response = requests.post(url,
+                             data=data,
+                             headers=headers,
+                             verify=False,
+                             timeout=timeout)
+    return response
+
+
+def retrieve_config(section: str = None) -> Optional[Dict[str, Any]]:
+    """Retrieves the configuration from the local server.
+
+    Args:
+        section: str: The section of the configuration to retrieve. Default is None.
+
+    Returns:
+        Optional[Dict[str, Any]]: The retrieved configuration as a dictionary, or None if an error occurred.
+    """
+    if section is None:
+        section = []
+    else:
+        section = section.split()
+
+    conf = Config()
+    config = conf.get_config_dict(section, get_first_key=True)
+    if config:
+        return config
+    return None
+
+
+def set_remote_config(
+        address: str,
+        key: str,
+        op: str,
+        path: str = None,
+        section: Optional[str] = None) -> Optional[Dict[str, Any]]:
+    """Loads the VyOS configuration in JSON format to a remote host.
+
+    Args:
+        address (str): The address of the remote host.
+        key (str): The key to use for loading the configuration.
+        path (Optional[str]): The path of the configuration. Default is None.
+        section (Optional[str]): The section of the configuration to load. Default is None.
+
+    Returns:
+        Optional[Dict[str, Any]]: The response from the remote host as a dictionary, or None if an error occurred.
+    """
+
+    if path is None:
+        path = []
+    else:
+        path = path.split()
+    headers = {'Content-Type': 'application/json'}
+
+    # Disable the InsecureRequestWarning
+    urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
+
+    url = f'https://{address}/configure-section'
+    data = json.dumps({
+        'op': mode,
+        'path': path,
+        'section': section,
+        'key': key
+    })
+
+    try:
+        config = post_request(url, data, headers)
+        return config.json()
+    except requests.exceptions.RequestException as e:
+        print(f"An error occurred: {e}")
+        logger.error(f"An error occurred: {e}")
+        return None
+
+
+def is_section_revised(section: str) -> bool:
+    from vyos.config_mgmt import is_node_revised
+    return is_node_revised([section])
+
+
+def config_sync(secondary_address: str,
+                secondary_key: str,
+                sections: List[str],
+                mode: str):
+    """Retrieve a config section from primary router in JSON format and send it to
+       secondary router
+    """
+    # Config sync only if sections changed
+    if not any(map(is_section_revised, sections)):
+        return
+
+    logger.info(
+        f"Config synchronization: Mode={mode}, Secondary={secondary_address}"
+    )
+
+    # Sync sections ("nat", "firewall", etc)
+    for section in sections:
+        config_json = retrieve_config(section=section)
+        # Check if config path deesn't exist, for example "set nat"
+        # we set empty value for config_json data
+        # As we cannot send to the remote host section "nat None" config
+        if not config_json:
+            config_json = ""
+        logger.debug(
+            f"Retrieved config for section '{section}': {config_json}")
+        set_config = set_remote_config(address=secondary_address,
+                                       key=secondary_key,
+                                       op=mode,
+                                       path=section,
+                                       section=config_json)
+        logger.debug(f"Set config for section '{section}': {set_config}")
+
+
+if __name__ == '__main__':
+    # Read configuration from file
+    if not os.path.exists(CONFIG_FILE):
+        logger.error(f"Post-commit: No config file '{CONFIG_FILE}' exists")
+        exit(0)
+
+    with open(CONFIG_FILE, 'r') as f:
+        config_data = f.read()
+
+    config = json.loads(config_data)
+
+    mode = config.get('mode')
+    secondary_address = config.get('secondary', {}).get('address')
+    secondary_address = bracketize_ipv6(secondary_address)
+    secondary_key = config.get('secondary', {}).get('key')
+    sections = config.get('section')
+    timeout = int(config.get('secondary', {}).get('timeout'))
+
+    if not all([
+            mode, secondary_address, secondary_key, sections
+    ]):
+        logger.error(
+            "Missing required configuration data for config synchronization.")
+        exit(0)
+
+    config_sync(secondary_address, secondary_key,
+                sections, mode)
diff --git a/src/helpers/vyos_net_name b/src/helpers/vyos_net_name
index 1798e92db..8c0992414 100755
--- a/src/helpers/vyos_net_name
+++ b/src/helpers/vyos_net_name
@@ -1,6 +1,6 @@
 #!/usr/bin/env python3
 #
-# Copyright (C) 2021 VyOS maintainers and contributors
+# Copyright (C) 2021-2023 VyOS maintainers and contributors
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License version 2 or later as
@@ -13,8 +13,6 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
-#
-#
 
 import os
 import re
@@ -26,7 +24,8 @@ from sys import argv
 
 from vyos.configtree import ConfigTree
 from vyos.defaults import directories
-from vyos.util import cmd, boot_configuration_complete
+from vyos.utils.process import cmd
+from vyos.utils.boot import boot_configuration_complete
 from vyos.migrator import VirtualMigrator
 
 vyos_udev_dir = directories['vyos_udev_dir']