Age | Commit message (Collapse) | Author | |
---|---|---|---|
2021-08-23 | container: T2216: add option to "disable" a container | Christian Poessinger | |
2021-08-23 | container: T2216: use common "generic-description.xml.i" building block | Christian Poessinger | |
2021-08-23 | container: T2216: verify() volume paths | Christian Poessinger | |
Volumes must have both a source and destination path specified. Also the source path must exist on the current system. | |||
2021-08-23 | container: T2216: increase default memory limit to 512MB | Christian Poessinger | |
2021-08-23 | container: T2216: bugfix ValueError when assembling volumes | Christian Poessinger | |
A call to .items() was missing that triggered the following error: ValueError: too many values to unpack (expected 2) | |||
2021-08-23 | container: T2216: no need to query container status | Christian Poessinger | |
As VyOS CLI is the only truth for dealing with containers we do not need to query if a container is running, exists or what so ever. We simply always restart it if something changes and do not rely on the underlaying Linux status. If a users does container stuff under the hood - it will be overridden. | |||
2021-08-23 | container: T2216: name of container must be alphanumeric and can contain a ↵ | Christian Poessinger | |
hyphen | |||
2021-08-23 | ipsec: T1210: use ConfigTreeQuery() instead of Config() from op-mode | Christian Poessinger | |
2021-08-23 | pki: T3642: use ConfigTreeQuery() instead of Config() from op-mode | Christian Poessinger | |
2021-08-23 | container: T2216: op-mode now supports updating the image for a given container | Christian Poessinger | |
2021-08-23 | container: T2216: increase sysctl inotify watchers | Christian Poessinger | |
2021-08-23 | containers: T2216: restructure container_base_cmd to have image name at the end | Christian Poessinger | |
2021-08-23 | containers: T2216: add CLI commands to specify restart behavior and memory usage | Christian Poessinger | |
A container is limited to 256MB memory by default and will always restart on failure. | |||
2021-08-23 | containers: T2216: xml: impove help string for address command | Christian Poessinger | |
2021-08-23 | containers: T2216: add environmnet variable constraint | Christian Poessinger | |
An environment variable passed to podman can only consist out of alphanumeric characters, a hypend and an underscore. | |||
2021-08-23 | container: T2216: add completion helper for "delete container image" | Christian Poessinger | |
2021-08-23 | containers: T2216: add missing verify() step on environment variables | Christian Poessinger | |
A environment variable MUST always have a value specified. Non existing values will cause the following error: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/containers.py", line 269, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in apply env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in <genexpr> env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) KeyError: 'value' | |||
2021-08-22 | Makefile: T3165: do not allow empty node.def files for op-mode commands | Christian Poessinger | |
Commit 99440fc0 ("Makefile: fix logic to detect empty "node.def" files") disabled the detection of empty node.def files for op-mode commands. The generation of a duplicate and thus empty node.def file is not prohibited by commit 17b5ac14 ("T3165: op-mode: prevent override of populated node.def file with empty content") and thus the check is re-enabled! | |||
2021-08-22 | log | Christian Poessinger | |
2021-08-22 | xml: op-mode: add missing help test for "reset openvpn" command | Christian Poessinger | |
2021-08-22 | xml: op-mode: add missing help test for "monitor protocol ospf" commands | Christian Poessinger | |
2021-08-22 | xml: op-mode: remove multiple "Reset a service" help definitions | Christian Poessinger | |
That nasty workaround to always specify the same value for the node.def file as the help text is no longer necessary after commit 17b5ac14 ("T3165: op-mode: prevent override of populated node.def file with empty content". The redundant definitions are no longer necessary. | |||
2021-08-22 | container: op-mode: T3765: add "show log container" command | Christian Poessinger | |
2021-08-22 | T3165: op-mode: prevent override of populated node.def file with empty content | Christian Poessinger | |
This is an extension to commit b4fdcebe ("T3165: prevent override of populated node.def file with empty content") which implemented the same thing for the configuration mode commands. | |||
2021-08-22 | scripts: op-mode: use Python 'f'ormat strings on debug messages | Christian Poessinger | |
2021-08-22 | ipsec: T2816: l2tp ipsec VPN must be started after strongSwan | Christian Poessinger | |
2021-08-22 | container: op-mode: T3765: add "restart container" command | Christian Poessinger | |
2021-08-22 | container: op-mode: T3765: move "connect container" command to ↵ | Christian Poessinger | |
container.xml.in file | |||
2021-08-22 | container: op-mode: T3765: add "connect container mysql-server" command | Christian Poessinger | |
2021-08-22 | ipsec: T1210: op-mode command for Windows has no "profile" option | Christian Poessinger | |
2021-08-22 | l2tp: Jinja2 add trailing newline | Christian Poessinger | |
2021-08-22 | smoketest: pppoes: adjust testcase to vyos.ifconfig.interface migration | Christian Poessinger | |
Now that the PPPoE interface also makes use of the vyos.ifconfig.interface class, we need to adjust the smoketests to reflect all those changes. TODO: Start a local PPPoE server in a namespace and connect locally for deeper testing. | |||
2021-08-22 | pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer template | Christian Poessinger | |
2021-08-22 | pppoe: T3641: set "noipv6" if IPv6 is not configured in newer pppd version | Christian Poessinger | |
2021-08-21 | vyos.configverify: use build-in functions for verify_interface_exists() | Christian Poessinger | |
2021-08-21 | pppoe: T1318: bump priority by 1 so we can source from pseudo-ethernet ↵ | Christian Poessinger | |
interfaces | |||
2021-08-21 | pppoe: T1318: implement missing access-concentrator CLI option | Christian Poessinger | |
2021-08-21 | vyos.configdict: leaf_node_changed() must return empty dict when node is added | Christian Poessinger | |
vyos@vyos# show interfaces pppoe pppoe pppoe10 { + access-concentrator asdfg authentication { password bar user foo } default-route force no-peer-dns source-interface eth0.202 } vyos@vyos# python3 Python 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] on linux Type "help", "copyright", "credits" or "license" for more information. >>> from vyos.config import Config >>> from vyos.configdict import get_interface_dict >>> from vyos.configdict import leaf_node_changed >>> conf = Config() >>> base = ['interfaces', 'pppoe'] >>> tmp = get_interface_dict(conf, base, 'pppoe10') >>> leaf_node_changed(conf, ['access-concentrator']) >>> [''] | |||
2021-08-21 | pppoe: T3090: migrate to vyos.ifconfig library to use the full potential | Christian Poessinger | |
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down. | |||
2021-08-21 | pppoe: T3090: support forward disable on a PPPoE link | Christian Poessinger | |
2021-08-21 | vyos.ifconfig: provide generic get_mac_synthetic() method | Christian Poessinger | |
WireGuard, Tunnel and also PPPoE all need a ways to calculate a synthetic MAC address used for the EUI64 link-local addresses. Instead of copying the code from Tunnel to WireGuard to PPPoE, use a generic implementation. | |||
2021-08-21 | smoketest: base: abbreviate path to /proc/sys/net | Christian Poessinger | |
2021-08-21 | vyos.configdict: add note when using leaf_node_changed() | Christian Poessinger | |
2021-08-21 | route: static: T2450: add next-hop interface on dhcp routes | Christian Poessinger | |
2021-08-21 | vyos.ifconfig: bridge: remove missleading comment in update() | Christian Poessinger | |
2021-08-21 | wwan: T3620: remove superfluous import statement | Christian Poessinger | |
WWAN does no londer need to render any configuration files. | |||
2021-08-21 | xml: interfaces: use one common building block for "disable-forwarding" | Christian Poessinger | |
Both building blocks only differed in the help text, so use IP for both IPv4 and IPv6. | |||
2021-08-21 | vti: T1441: enable ipv4/ipv6 interface options | Christian Poessinger | |
Now that we are based on XFRM interfaces we can also enable specific IPv4 and IPv6 interface options. | |||
2021-08-21 | interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵ | Christian Poessinger | |
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value. | |||
2021-08-21 | T1950: fix permissions on component-versions.json file | John Estabrook | |