Age | Commit message (Collapse) | Author |
|
When migrating from `service dns dynamic interface <interface> ...` to
`service dns dynamic address <address> ...`, the config name can
potentially have a conflict when `address == 'web'`.
Although the `/run/ddclient/ddclient.conf` that was generated earlier
was incorrect, one could still potentially have misconfigured VyOS
config without realizing it.
We now append the old <interface> name to the config name to avoid
conflict.
|
|
|
|
T5774: fix regression in remote.upload
|
|
|
|
SRv6: T591: initial implementation to support locator definition
|
|
ddclient: T5791: Adjust warning messages, minor refactor and smoketest updates
|
|
image-tools: T5819: do not echo password on image install
|
|
dhcp: T3316: Fix raw op-mode lease output
|
|
validator: T5816: large community validator should only allos character set and basic format
|
|
and basic format
|
|
|
|
|
|
T5804: nat: remove inbound|outbound interface from old configuration when it was set to <any>.
|
|
|
|
|
|
Add the ability to rollback configs without rebooting
```
sudo /usr/bin/config-mgmt rollback_soft --rev 1
rollback-soft 1
```
|
|
load-config: T5815: provide a variety of load config methods
|
|
|
|
|
|
|
|
Collect in a module several versions of a 'load config' function.
They have different use cases according to performance and error
reporting, and allow comparison of non-legacy and legacy variants.
|
|
T5812: report actual number of revisions instead of max
|
|
T5807: fix op-mode command <show nat66>
|
|
VyOS CLI
set protocols segment-routing srv6 locator bar prefix '2001:b::/64'
set protocols segment-routing srv6 locator foo behavior-usid
set protocols segment-routing srv6 locator foo prefix '2001:a::/64'
Will generate in FRR
segment-routing
srv6
locators
locator bar
prefix 2001:b::/64 block-len 40 node-len 24 func-bits 16
exit
!
locator foo
prefix 2001:a::/64 block-len 40 node-len 24 func-bits 16
behavior usid
exit
!
exit
!
exit
!
exit
|
|
set protocols bgp sid vpn per-vrf export '99'
set protocols bgp srv6 locator 'foo'
set protocols bgp system-as '100'
Will generate in FRR config
router bgp 100
no bgp ebgp-requires-policy
no bgp default ipv4-unicast
no bgp network import-check
!
segment-routing srv6
locator foo
exit
sid vpn per-vrf export 99
exit
|
|
|
|
configured. In this commit, check is fixed and rules are printed as expected.
|
|
was set to <any>.
|
|
T5803: Migrate vscode settings to new value and clean up .gitattributes
|
|
Update VSCode settings for "editor.wordBasedSuggestions". It has
changed from boolean to enum. The value "off" is the same as previous
value of `false`.
Also remove stray duplicate entries in .gitattributes.
|
|
migration: T5413: re-sequence interfaces migration scripts
|
|
T5773: API add smoketest for load config via HTTP URL
|
|
T5791: DNS dynamic exclude check for dynamic interfaces PPPoE
|
|
Dynamic interfaces such as PPPoE/sstpc can not exist during
verification dns dynamic. As they added and removed dynamically.
Add interface_filter to exclude them from checks
|
|
PR https://github.com/vyos/vyos-1x/pull/2540 backported a migration script from
current to the equuleus LTS branch. As migration scripts are executed in order
to adjust the CLI for necessary improvements in future LTS releases we need to
change the versioning of the migration files to match the new "base" version
from the previous LTS release.
In theory this could break very ancient 1.4 rolling releases (from the early
days of the OSPF refactoring) - but those versions are considered very much
unstable.
Now this is the last chance to sync up the migration scripts before the 1.4 LTS
release.
|
|
Use a custom NGINX config to load config via URL
|
|
T5812: Fix for rollback check max revision number
|
|
dhcp: T3316: Migrate dhcp/dhcpv6 server to Kea
|
|
|
|
Add "stale" tag to PRs with 30 days of no activity.
|
|
git: T5803: Adjust git configuration for baseline defaults
|
|
Apply baseline defaults for `.gitattributes` and `.vscode/settings.json`
for improved developer experience.
The `.gitattrbutes` settings are based on:
Git documentation (https://git-scm.com/docs/gitattributes#_effects)
GitHub documentation (https://docs.github.com/en/get-started/getting-started-with-git/configuring-git-to-handle-line-endings)
Community templates (https://github.com/gitattributes/gitattributes)
Since editor-agnostic line-ending specific settings are applied to
`.gitattributes`, they can be removed from `.vscode/settings.json`.
The global VSCode defaults have also been removed to avoid duplication.
|
|
op-cmd: T5802: bug fix for "ping x.x.x.x interface" completion options
|
|
login: T4943: use pam-auth-update to enable/disable Google authenticator
|
|
(cherry picked from commit 383c40c547c7f4dc408b98306119bb3740bc3f7c)
|
|
ddclient: T5791: use a fixed VRF table ID in smoketests
|
|
Fixes
DEBUG - ======================================================================
DEBUG - ERROR: test_07_dyndns_vrf (__main__.TestServiceDDNS.test_07_dyndns_vrf)
DEBUG - ----------------------------------------------------------------------
DEBUG - Traceback (most recent call last):
DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/test_service_dns_dynamic.py", line 302, in test_07_dyndns_vrf
DEBUG - self.cli_set(['vrf', 'name', vrf_name, 'table', vrf_table])
DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/base_vyostest_shim.py", line 68, in cli_set
DEBUG - self._session.set(config)
DEBUG - File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 154, in set
DEBUG - self.__run_command([SET] + path + value)
DEBUG - File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 143, in __run_command
DEBUG - raise ConfigSessionError(output)
DEBUG - vyos.configsession.ConfigSessionError: Number is not in any of allowed ranges
|
|
|
|
Add ability to configure multiple SSL certificates for
frontend/service
set load-balancing reverse-proxy service web mode http
set load-balancing reverse-proxy service web port 443
set load-balancing reverse-proxy service web ssl certificate cert1
set load-balancing reverse-proxy service web ssl certificate cert2
|
|
The initial version always enabled Google authenticator (2FA/MFA) support by
hardcoding the PAM module for sshd and login.
This change only enables the PAM module on demand if any use has 2FA/MFA
configured. Enabling the module is done system wide via pam-auth-update by
using a predefined template.
Can be tested using:
set system login user vyos authentication plaintext-password vyos
set system login user vyos authentication otp key 'QY735IG5HDHBFHS5W7Y2A4EM274SMT3O'
See https://docs.vyos.io/en/latest/configuration/system/login.html for additional
details.
|