Age | Commit message (Collapse) | Author |
|
SSH mac, ciper and key exchange algorithms are not ynamically and only change
on distro upgrades. Thus it is easier to have them in a list and use a regex
based constraint. In the past users could have entered anything here!
|
|
It was not possible to configure two WG peers with both utilized a pre-shared
key. This has been corrected.
WG psk can only be read from a file when starting the interface. The code for
creating this temporary file has been moved into the ifconfig.WireGuardIf()
class.
Tested with:
============
set interfaces wireguard wg0 address '192.0.2.0/31'
set interfaces wireguard wg0 peer one allowed-ips '0.0.0.0/0'
set interfaces wireguard wg0 peer one preshared-key 'e+SIIUcrnrSDHhbTtpjwKhSlSdUALA5ZvoCjfQXcvmA='
set interfaces wireguard wg0 peer one pubkey '/qQGAQ2HfLSZBSCpdgps04r9wRlK7bSFraCH9+MScmw='
set interfaces wireguard wg0 peer two allowed-ips '0.0.0.0/0'
set interfaces wireguard wg0 peer two pubkey '/qQGAQ2HfLSZBSCpdgfooor9wRlK7bSFraCH9+MScmw='
|
|
xml: T2588: fix mistake when determining if a node is multi
|
|
|
|
xml: T2588: allow multiple values in defaults
|
|
|
|
|
|
|
|
|
|
|
|
* 'default-dict' of github.com:c-po/vyos-1x:
console-server: T2588: migrate to defaults from XML interface definitions
xml: T2588: add gitignore for generated defaults
xml: T2588: code to extract defaults values from xml
Debian: remove duplicate build dependency
xml: ssh: fix typo in service description
|
|
|
|
|
|
default-doct
* 'T2588' of https://github.com/thomas-mangin/vyos-1x:
xml: T2588: code to extract defaults values from xml
|
|
|
|
|
|
|
|
|
|
|
|
T2486: DNS, vyos-hostsd fixes
|
|
|
|
|
|
When the 'powersave' option under 'system console' was defined but no actual
serial console device this cause the following error during migration:
Loading configuration from 'config.boot'
Traceback (most recent call last):
File "/opt/vyatta/etc/config-migrate/migrate/system/16-to-17", line 45, in <module>
for device in config.list_nodes(base + ['device']):
File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 236, in list_nodes
raise ConfigTreeError("Path [{}] doesn't exist".format(path_str))
vyos.configtree.ConfigTreeError: Path [b'system console device'] doesn't exist
|
|
|
|
Boolean nodes have been removed b/c a boolean value makes less sense. The same
behavior can be achieved with the presence or absence of a node. Unfortunately
the 'autonomous-flag' node has been a negated one which did not migrate
it to 'no-autonomous-flag' if it was set to false previously.
|
|
StartLimitIntervalSec is part of the [Unit] definition and not the [Service]
definition [1]. This caused the following warning message:
systemd[1]: /lib/systemd/system/dhcp6c@.service:12: Unknown lvalue
'StartLimitIntervalSec' in section 'Service', ignoring
This error has been introduced via commit 992d356 ("dhcpv6-pd: T421: workaround
for non existing interfaces").
[1]: https://www.freedesktop.org/software/systemd/man/systemd.unit.html
|
|
When deleting a peth interface the interface name was not added to the
configuration dict, which lead to referencing non existent keys.
|
|
* 'console-server' of github.com:c-po/vyos-1x:
console-server: T2490: set service priority to 990
op-mode: console-server: T2490: rename "connect console-server" to "connect console"
console-server: T2490: server must listen only on localhost
op-mode: add "show ip ports" to list local opened ports
console-server: T2490: add SSH support for direct device access
op-mode: console-server: T2490: get connection info
console-server: T2490: remove superfluous "port" node from XML definition
console-server: T2490: rename CLI to console-server
console-server: T2490: add SSH support
console-server: T2490: log to journald
console-server: T2490: move CLI parsing to get_config_dict()
console-server: T2490: replace ser2net with conserver
op-mode: T2490: add "connect serial-proxy" CLI command
console-server: T2490: add default CLI values
console-server: T2490: rename CLI to "serial-proxy"
console-server: T2490: use new USB ports "by-bus"
console-server: T2490: use "ls" for completion helper
console-server: T2490: initial support
|
|
... to ensure the service is started very late.
|
|
console"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A user can define a port under the SSH node per device. WHen connecting to that
port and authenticating using regular credentials we will immediately drop to
the serial console. This is the same as executing "connect serial-proxy <name>".
|
|
|
|
For more examples on the new get_config_dict() approach migrate this
implementation as it is not yet in production use. Also this serves as proof of
concept code for further migrations.
|
|
|
|
Used to connecte to a device exposed via serial proxy.
|
|
|
|
|
|
|
|
Using "ls" is much faster compared to "find ... -exec basename"
|
|
|
|
|
|
Merge two dictionaries. Only keys which are not present in destination will
be copied from source, anything else will be kept untouched. Function will
return a new dict which has the merged key/value pairs.
Before:
{'device': {'usb0b2.4p1.0': {'speed': '9600'},
'usb0b2.4p1.1': {'data-bits': '8',
'parity': 'none',
'speed': '115200',
'stop-bits': '2'}}}
After:
{'device': {'usb0b2.4p1.0': {'data-bits': '8',
'parity': 'none',
'speed': '9600',
'stop-bits': '1'},
'usb0b2.4p1.1': {'data-bits': '8',
'parity': 'none',
'speed': '115200',
'stop-bits': '2'}}}
|
|
|