summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-12-13ddclient: T5144: Fix migration to avoid config name conflictIndrajit Raychaudhuri
When migrating from `service dns dynamic interface <interface> ...` to `service dns dynamic address <address> ...`, the config name can potentially have a conflict when `address == 'web'`. Although the `/run/ddclient/ddclient.conf` that was generated earlier was incorrect, one could still potentially have misconfigured VyOS config without realizing it. We now append the old <interface> name to the config name to avoid conflict.
2023-12-13image-tools: T5806: deactive raid arraysJohn Estabrook
2023-12-13Merge pull request #2628 from jestabro/ftp-archiveJohn Estabrook
T5774: fix regression in remote.upload
2023-12-13T5774: fix regressions in remote.upload and use in config_mgmtJohn Estabrook
2023-12-13Merge pull request #2606 from c-po/srv6Christian Breunig
SRv6: T591: initial implementation to support locator definition
2023-12-13Merge pull request #2607 from indrajitr/ddclient-improvement-round-3-2023-12-10Christian Breunig
ddclient: T5791: Adjust warning messages, minor refactor and smoketest updates
2023-12-13Merge pull request #2622 from jestabro/obscure-passwd-on-installChristian Breunig
image-tools: T5819: do not echo password on image install
2023-12-13Merge pull request #2623 from sarthurdev/kea_opmode_fixChristian Breunig
dhcp: T3316: Fix raw op-mode lease output
2023-12-13Merge pull request #2618 from Trae32566/T5816Christian Breunig
validator: T5816: large community validator should only allos character set and basic format
2023-12-13validator: T5816: large community validator should only allos character set ↵Trae Santiago
and basic format
2023-12-12dhcp: T3316: Fix dhcp op-mode state 'all' matchingsarthurdev
2023-12-12dhcp: T3316: Fix raw op-mode lease outputsarthurdev
2023-12-12Merge pull request #2611 from nicolas-fort/T5804-mig-scriptDaniil Baturin
T5804: nat: remove inbound|outbound interface from old configuration when it was set to <any>.
2023-12-12image-tools: T5819: do not echo password on image installJohn Estabrook
2023-12-12image-tools: T5806: remove partition and disk signatures in cleanupJohn Estabrook
2023-12-12T5249: Add rollback-soft featureViacheslav Hletenko
Add the ability to rollback configs without rebooting ``` sudo /usr/bin/config-mgmt rollback_soft --rev 1 rollback-soft 1 ```
2023-12-12Merge pull request #2608 from jestabro/load-config-moduleJohn Estabrook
load-config: T5815: provide a variety of load config methods
2023-12-11ddclient: T5791: Add smoketest for dynamic interfaceIndrajit Raychaudhuri
2023-12-11ddclient: T5791: Cleanup smoketests and remove unnecessary importsIndrajit Raychaudhuri
2023-12-11ddclient: T5791: Adjust the warning messages and minor refactoringIndrajit Raychaudhuri
2023-12-11load-config: T5815: provide a variety of load config methodsJohn Estabrook
Collect in a module several versions of a 'load config' function. They have different use cases according to performance and error reporting, and allow comparison of non-legacy and legacy variants.
2023-12-11Merge pull request #2613 from jestabro/num-revisionsJohn Estabrook
T5812: report actual number of revisions instead of max
2023-12-11Merge pull request #2612 from nicolas-fort/T5807-nat66-opmodeChristian Breunig
T5807: fix op-mode command <show nat66>
2023-12-11srv6: T591: initial implementation to support locator definitionChristian Breunig
VyOS CLI set protocols segment-routing srv6 locator bar prefix '2001:b::/64' set protocols segment-routing srv6 locator foo behavior-usid set protocols segment-routing srv6 locator foo prefix '2001:a::/64' Will generate in FRR segment-routing srv6 locators locator bar prefix 2001:b::/64 block-len 40 node-len 24 func-bits 16 exit ! locator foo prefix 2001:a::/64 block-len 40 node-len 24 func-bits 16 behavior usid exit ! exit ! exit ! exit
2023-12-11bgp: T591: add SRv6 support from FRRChristian Breunig
set protocols bgp sid vpn per-vrf export '99' set protocols bgp srv6 locator 'foo' set protocols bgp system-as '100' Will generate in FRR config router bgp 100 no bgp ebgp-requires-policy no bgp default ipv4-unicast no bgp network import-check ! segment-routing srv6 locator foo exit sid vpn per-vrf export 99 exit
2023-12-11T5812: report actual number of revisions instead of maxJohn Estabrook
2023-12-11T5807: fix op-mode command <show nat66>, which only display rules if nat was ↵Nicolas Fort
configured. In this commit, check is fixed and rules are printed as expected.
2023-12-11T5804: nat: remove inbound|outbound interface from old configuration when it ↵Nicolas Fort
was set to <any>.
2023-12-11Merge pull request #2609 from indrajitr/github-streamline-2Christian Breunig
T5803: Migrate vscode settings to new value and clean up .gitattributes
2023-12-11T5803: Migrate vscode settings to new value and clean up .gitattributesIndrajit Raychaudhuri
Update VSCode settings for "editor.wordBasedSuggestions". It has changed from boolean to enum. The value "off" is the same as previous value of `false`. Also remove stray duplicate entries in .gitattributes.
2023-12-10Merge pull request #2601 from c-po/t5413-current-resequenceChristian Breunig
migration: T5413: re-sequence interfaces migration scripts
2023-12-10Merge pull request #2600 from sever-sever/T5773-smoketestsViacheslav Hletenko
T5773: API add smoketest for load config via HTTP URL
2023-12-10Merge pull request #2602 from sever-sever/T5791Christian Breunig
T5791: DNS dynamic exclude check for dynamic interfaces PPPoE
2023-12-10T5791: DNS dynamic exclude check for dynamic interfaces PPPoEViacheslav Hletenko
Dynamic interfaces such as PPPoE/sstpc can not exist during verification dns dynamic. As they added and removed dynamically. Add interface_filter to exclude them from checks
2023-12-10migration: T5413: re-sequence interfaces migration scriptsChristian Breunig
PR https://github.com/vyos/vyos-1x/pull/2540 backported a migration script from current to the equuleus LTS branch. As migration scripts are executed in order to adjust the CLI for necessary improvements in future LTS releases we need to change the versioning of the migration files to match the new "base" version from the previous LTS release. In theory this could break very ancient 1.4 rolling releases (from the early days of the OSPF refactoring) - but those versions are considered very much unstable. Now this is the last chance to sync up the migration scripts before the 1.4 LTS release.
2023-12-09T5773: API add smoketest for load config via HTTP URLViacheslav Hletenko
Use a custom NGINX config to load config via URL
2023-12-09Merge pull request #2598 from sever-sever/T5812Christian Breunig
T5812: Fix for rollback check max revision number
2023-12-09Merge pull request #1960 from sarthurdev/keaChristian Breunig
dhcp: T3316: Migrate dhcp/dhcpv6 server to Kea
2023-12-09T5812: Fix for rollback check max revision numberViacheslav Hletenko
2023-12-09GitHub: add stale PR auto labelerChristian Breunig
Add "stale" tag to PRs with 30 days of no activity.
2023-12-08Merge pull request #2576 from indrajitr/github-streamlineChristian Breunig
git: T5803: Adjust git configuration for baseline defaults
2023-12-08git: T5803: Adjust git configuration for baseline defaultsIndrajit Raychaudhuri
Apply baseline defaults for `.gitattributes` and `.vscode/settings.json` for improved developer experience. The `.gitattrbutes` settings are based on: Git documentation (https://git-scm.com/docs/gitattributes#_effects) GitHub documentation (https://docs.github.com/en/get-started/getting-started-with-git/configuring-git-to-handle-line-endings) Community templates (https://github.com/gitattributes/gitattributes) Since editor-agnostic line-ending specific settings are applied to `.gitattributes`, they can be removed from `.vscode/settings.json`. The global VSCode defaults have also been removed to avoid duplication.
2023-12-08Merge pull request #2594 from srividya0208/T5802Christian Breunig
op-cmd: T5802: bug fix for "ping x.x.x.x interface" completion options
2023-12-08Merge pull request #2584 from c-po/T4943-google-authenticatorChristian Breunig
login: T4943: use pam-auth-update to enable/disable Google authenticator
2023-12-08T5805: telegraf: re-add network metricsVladimir F
(cherry picked from commit 383c40c547c7f4dc408b98306119bb3740bc3f7c)
2023-12-08Merge pull request #2591 from c-po/currentChristian Breunig
ddclient: T5791: use a fixed VRF table ID in smoketests
2023-12-08ddclient: T5791: use a fixed VRF table ID in smoketestsChristian Breunig
Fixes DEBUG - ====================================================================== DEBUG - ERROR: test_07_dyndns_vrf (__main__.TestServiceDDNS.test_07_dyndns_vrf) DEBUG - ---------------------------------------------------------------------- DEBUG - Traceback (most recent call last): DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/test_service_dns_dynamic.py", line 302, in test_07_dyndns_vrf DEBUG - self.cli_set(['vrf', 'name', vrf_name, 'table', vrf_table]) DEBUG - File "/usr/libexec/vyos/tests/smoke/cli/base_vyostest_shim.py", line 68, in cli_set DEBUG - self._session.set(config) DEBUG - File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 154, in set DEBUG - self.__run_command([SET] + path + value) DEBUG - File "/usr/lib/python3/dist-packages/vyos/configsession.py", line 143, in __run_command DEBUG - raise ConfigSessionError(output) DEBUG - vyos.configsession.ConfigSessionError: Number is not in any of allowed ranges
2023-12-08op-cmd: T5802: bug fix for "ping x.x.x.x interface" completion optionssrividya0208
2023-12-08T5798: load-balancing revese-proxy add multiple SSL certificatesViacheslav Hletenko
Add ability to configure multiple SSL certificates for frontend/service set load-balancing reverse-proxy service web mode http set load-balancing reverse-proxy service web port 443 set load-balancing reverse-proxy service web ssl certificate cert1 set load-balancing reverse-proxy service web ssl certificate cert2
2023-12-08login: T4943: use pam-auth-update to enable/disable Google authenticatorChristian Breunig
The initial version always enabled Google authenticator (2FA/MFA) support by hardcoding the PAM module for sshd and login. This change only enables the PAM module on demand if any use has 2FA/MFA configured. Enabling the module is done system wide via pam-auth-update by using a predefined template. Can be tested using: set system login user vyos authentication plaintext-password vyos set system login user vyos authentication otp key 'QY735IG5HDHBFHS5W7Y2A4EM274SMT3O' See https://docs.vyos.io/en/latest/configuration/system/login.html for additional details.