summaryrefslogtreecommitdiff
path: root/src/migration-scripts
AgeCommit message (Collapse)Author
2019-08-20powerdns: T1524: support setting allow-from networkChristian Poessinger
Netmasks (both IPv4 and IPv6) that are allowed to use the server. The default allows access only from RFC 1918 private IP addresses. Due to the aggressive nature of the internet these days, it is highly recommended to not open up the recursor for the entire internet. Questions from IP addresses not listed here are ignored and do not get an answer. https://docs.powerdns.com/recursor/settings.html#allow-from Imagine an ISP network with non RFC1918 IP adresses - they can't make use of PowerDNS recursor. As of now VyOS hat allow-from set to 0.0.0.0/0 and ::/0 which created an open resolver. If there is no allow-from statement a config-migrator will add the appropriate nodes to the configuration, resulting in: service { dns { forwarding { allow-from 0.0.0.0/0 allow-from ::/0 cache-size 0 ignore-hosts-file listen-address 192.0.2.1 } } }
2019-08-07[bridge] T1156: add missing if statement in config-migrationChristian Poessinger
Fixes: Traceback (most recent call last): File "/opt/vyatta/etc/config-migrate/migrate/interfaces/0-to-1", line 27, in <module> for br in config.list_nodes(base): File "/usr/lib/python3/dist-packages/vyos/configtree.py", line 255, in list_nodes raise ConfigTreeError("Path [{}] doesn't exist".format(path_str)) vyos.configtree.ConfigTreeError: Path [b'interfaces bridge'] doesn't exist
2019-08-04[bridge] T1156: rename igmp-snooping node to igmpChristian Poessinger
2019-08-03[bridge] T1156: support adding and removing bridge member interfacesChristian Poessinger
This is the new syntax bridge br0 { member { interface eth0 { cost 10 } interface eth1 { cost 11 } } }
2019-08-02[bridge] T1156: add configuration migration scriptChristian Poessinger
2019-07-08[PPPoE] - T1489: vlan_mon config optionshagbard
2019-06-16Revert "T849: move BGP peer-group node to ipv4 address family"Christian Poessinger
This reverts commit 685b1e0d050c7883303733d710327161fe046b60.
2019-06-16T849: move BGP peer-group node to ipv4 address familyChristian Poessinger
To have a consitent IPv4/IPv6 CLI a lot of BGP neighbor nodes have been migrated. The IPv4 peer-group has been forgotten, leaving a non consistent CLI. Previously: ----------- neighbor 2001:DB8:FFFF::1 { address-family { ipv6-unicast { peer-group iBGP } } peer-group iBGP } Now: ---- neighbor 2001:DB8:FFFF::1 { address-family { ipv6-unicast { peer-group iBGP } } address-family { ipv4-unicast { peer-group iBGP } } }
2019-05-08T805: Drop config compatibility with Vyatta Core older than 6.5John Estabrook
Rewrite vyatta-config-migrate/migrate/system/6-to-7 in the canonical style and add to vyos-1x migration-scripts. This completes the collection of scripts needed to drop compatability with Vyatta Core older than 6.5.
2019-04-26[dhcp-server]: bugfix on wrong exit code caused due to wrong indentionChristian Poessinger
2019-04-23[migration] T1344: extend migration script for radius-source-addressChristian Poessinger
radius-source-address was backported to vyOS 1.2.2 so also migrate this node.
2019-04-20[dhcp-server] T1335: bugfix when migrating authoritative sectionChristian Poessinger
2019-04-20Revert "[hostname] T1336: trailing dots in system domain-name are invalid"Christian Poessinger
This reverts commit 05c539ea5595790b297904569cbe13089ce79e18.
2019-04-20[hostname] T1336: trailing dots in system domain-name are invalidChristian Poessinger
Debian/Systemd provides hostnamectl which disabllows setting a FQDN when there is a trailing (.) in the provided hostname. Extend regex when setting "system domain-name" that there can't be a trailing (.). Provide migration script for current installations to remove the dot.
2019-04-19[migration] T1344: unclutter 'system login radius-server' configuration nodesChristian Poessinger
2019-04-04T1323 - migrate operator accounts to admin accountshagbard
2019-01-26[webproxy] T1203: do not attempt to migrate proxy-bypass if it doesn't exist.Daniil Baturin
2019-01-07Fix: T1168 - Upgrade: 1,1,7 -> 1.2.0-epa2 (command conversion)hagbard
2018-12-31T1112: migrate BGP redistribute metric and route-map options too.Daniil Baturin
2018-12-31T1112: migrate BGP redistribute options (patch by Merijn).Daniil Baturin
2018-12-07T1060: build fix for wrong config-version numberChristian Poessinger
Commit 9d35610c173 ("T1060: add missing version file for webproxy") assumed that there is a webproxy config version of 0 but we already have 1. This lead to duplicate files detected by apt.
2018-12-02T1060: Add webproxy migration script (proxy-bypass -> whitelist).Dirk Steinkopf
2018-11-19T835: migration script for radius' secret vs. key, rolled back thehagbard
change to 'mode local|radius'
2018-11-17T1018: remove obsoleted 'dynamic' option from NTPChristian Poessinger
Increase NTP config version from 0 to 1. For more information see [1]. ntpd: Warning: the "dynamic" keyword has been obsoleted and will be removed in the next release [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
2018-11-12migration/l2tp: fix file commentChristian Poessinger
2018-11-12T987: Unclutter PPTP/IPSec RADIUS configuration nodesChristian Poessinger
In other words, remove top level tag nodes from radius-server and introduce a regular "radius" node, thus we can add additional features, too. A migration script is provided in vyos-1x which takes care of this config migration. Change VyOS CLI from: vyos@vyos# show vpn pptp remote-access { authentication { mode radius radius-server 172.16.100.10 { key barbarbar } radius-server 172.16.100.20 { key foofoofoo } } To: vyos@vyos# show vpn l2tp remote-access { authentication { mode radius radius { server 172.16.100.10 { key barbarbar } server 172.16.100.20 { key foofoofoo } } }
2018-11-11T987: Unclutter L2TP/IPSec RADIUS configuration nodesChristian Poessinger
In other words, remove top level tag nodes from radius-server and introduce a regular "radius" node, thus we can add additional features, too. A migration script is provided in vyos-1x which takes care of this config migration. Change VyOS CLI from: vyos@vyos# show vpn l2tp remote-access { authentication { mode radius radius-server 172.16.100.10 { key barbarbar } radius-server 172.16.100.20 { key foofoofoo } radius-source-address 172.16.254.100 } To: vyos@vyos# show vpn l2tp remote-access { authentication { mode radius radius { server 172.16.100.10 { key barbarbar } server 172.16.100.20 { key foofoofoo } source-address 172.16.254.100 } }
2018-11-02T939: Remove possibility to specify DHCP relay portChristian Poessinger
2018-10-21T634: remove 'service ssh allow-root'Christian Poessinger
2018-09-19T849: fix quagga 2-to-3 migration script permissions.Daniil Baturin
2018-09-19T849: remove stray debug prints.Daniil Baturin
2018-09-18T849: add a migration script for the new IPv4 BGP syntax.Daniil Baturin
2018-09-02T825: add system 8-to-9 migration scriptChristian Poessinger
2018-08-27T778: T782: dhcp-server: XML and Python rewriteChristian Poessinger
This commit changes in addtion the DHCP server config syntax as defined in "T782: Cleanup dhcp-server configuration". Replace boolean parameter from the folowing nodes and make it valueless. This requires a migration script which is tracked with this task * set service dhcp-server shared-network-name <xyz> subnet 172.31.0.0/24 ip-forwarding enable (true|false) * set service dhcp-server shared-network-name <xyz> authoritative (true|false) * set service dhcp-server disabled (true|false) * set service dhcp-server dynamic-dns-update enable (true|fals) * set service dhcp-server hostfile-update (enable|disable) Replace the nested start/stop ip address from "subnet 172.31.0.0/24 start 172.31.0.101 stop 172.31.0.149" to "subnet 172.31.0.0/24 range <foo> start" and "subnet 172.31.0.0/24 range <foo> stop" where foo can be any character or number. In addition the vyatta-cfg-dhcp-server package used it's own init/config file for service startup. This has been migrated to the vanilla Debian files. Copy 'on-dhcp-event.sh' from vyatta-cfg-shcp-server package commit 4749e648bca6.
2018-07-27T666, T616: new implementation of the VRRP CLI.Daniil Baturin
2018-05-31T629: replace the config-management migration script.Daniil Baturin
2018-05-29T667: add a migration script for converting "system gateway-address" to ↵Daniil Baturin
"protocols static route 0.0.0.0". Code-wise that option was in vyatta-cfg-quagga, but the syntax is inside "system", so let's keep the script under system too.