summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2021-11-15graphql: T3993: add config file save/loadJohn Estabrook
(cherry picked from commit 8915a19f7761253b7bdf6ca847069539ee33851d)
2021-11-15graphql: T3993: move schema generation to bindings.py; clean up for lintingJohn Estabrook
(cherry picked from commit 9e2694b24b06d928240522322c9a6d60c7a7d290)
2021-11-15l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
(cherry picked from commit 3d00140453b3967370c77ddd9dac4af223a7ddce)
2021-11-08T3912: remove duplicate "Welcome to VyOS!" already shown by pre-loginChristian Poessinger
(cherry picked from commit 73be449b1cd09f3ca86400753630fb4804fbeca7)
2021-11-07http-api: T2768: update dhcp-server example for migration 5-to-6John Estabrook
(cherry picked from commit dc9a2821d063a96681d6cb1d962618829b71937d)
2021-11-07http-api: T3440: give uvicorn time to initialize before starting NginxJohn Estabrook
(cherry picked from commit 889e16a77517549fb833a90d047455533be02f06)
2021-11-07http-api: T2768: add README.graphqlJohn Estabrook
(cherry picked from commit 5b69aad5bfe1fd1dfc51afb1d4b6323028009deb)
2021-11-07http-api: T2768: example using GraphQL for high-level config operationsJohn Estabrook
(cherry picked from commit b168b4cc7da456f14714d917cdc7a1c6b8df9af5)
2021-11-07http-api: T3616: update for strict content-type check in FastAPI 0.65.2John Estabrook
FastAPI 0.65.2 checks content-type request header before assuming JSON, closing a well-known loophole. This requires a modification of the code providing backwards compatibility of multipart forms. (cherry picked from commit 3a9041e2d4d4a48ba7c01439e69c5f86a4a850c2)
2021-11-07http api: T3412: use FastAPI as web framework; support application/jsonJohn Estabrook
Replace the Flask micro-framework with FastAPI, in order to support extensions to the API and OpenAPI 3.* generation. This change will remain backwards compatible with previous versions. Notably, the multipart forms version of requests remain supported; in addition application/json requests are now natively supported. (cherry picked from commit 0125fff200efe3259aa25953e7505f69679261f8)
2021-11-07T3912: use a more informative default login bannerChristian Poessinger
(cherry picked from commit 5d39a113bdef82e201aa43f848217c30db2f6fd9)
2021-11-01dhclient: T3940: Added lease file argument to the `dhclient -x` callzsdc
When `dhclient` with the `-x` option is used to stop running DHCP client with a lease file that is not the same as in the new `dhclient` process, it requires a `-lf` argument with a path to the old lease file to find information about old/active leases and process them according to instructions and config. This commit adds the option to the `02-vyos-stopdhclient` hook, which allows to properly process `dhclient` instances started in different ways. (cherry picked from commit 393970f9ee5b3dfc58e0e999d3d5941a198b2c6f)
2021-10-31tunnel: T3956: GRE key check must not be run on our own interface instanceChristian Poessinger
2021-10-31netflow: T3953: use warning if "netflow source-ip" does not exist instead of ↵Christian Poessinger
error (cherry picked from commit 17215846b512851e7df8cdfcfc06c18b1d27f763)
2021-10-31console: udev: T3954: adjust rule script to new systemd-udev versionChristian Poessinger
We can no longer use bash veriable string code vor string manipulation. Move to a more robust "cut" implementation. (cherry picked from commit 513e951f3e1358ec6ff5424d03e8f4e9aa7c3388)
2021-10-31console: T3954: bugfix RuntimeError: dictionary keys changed during iterationChristian Poessinger
(cherry picked from commit f227987ccf41e01d4ddafb6db7b36ecf13148c78)
2021-10-28IPSec: T3941: Fix uptime for tunnels sa op-modeViacheslav
The current uptime for tunnels is getting from parent SA That is incorrect as we should get value from child SA
2021-10-27vrrp: T3944: reload daemon instead of restart when already runningChristian Poessinger
This prevents a failover from MASTER -> BACKUP when changing any MASTER related configuration. (cherry picked from commit 2c82c9acbde2ccca9c7bb5e646a45fd646463afe)
2021-10-26op-mode: T3942: Add feature generate IPSec debug-archiveViacheslav
2021-10-22sstp: T2566: Fix verify section for pool ipv6 onlyViacheslav
2021-10-21Merge pull request #1032 from ross211/dhclient-vyos-cleanupChristian Poessinger
dhclient hooks: T3920: avoid 'too many args' error when no vrf
2021-10-21dhcp-server: T3610: Allow configuration for non-primary ip addressViacheslav
(cherry picked from commit 78cfb949cc6bceab744271cf23f269276b178182)
2021-10-21dhcp: T3626: Prevent to disable only one configured networkViacheslav
(cherry picked from commit 9c825a3457a88a4eebc6475f92332822e5102889)
2021-10-21tunnel: T3925: dhcp-interface was of no use - use source-interface insteadChristian Poessinger
2021-10-20tunnel: T3921: bugfix KeyError for source-addressChristian Poessinger
2021-10-20dhcpv6-server: T3918: Fix subnets verify raise ConfigErrorViacheslav
(cherry picked from commit ead10909ba9104733930bb3f59c90610138bd047)
2021-10-20dhclient hooks: T3920: avoid 'too many args' error when no vrfRoss Dougherty
2021-10-08tunnel: T3893: harden logic when validating tunnel parametersChristian Poessinger
Different types of tunnels have different keys set in get_interface_config(). Thus it should be properly verified (by e.g. using dict_search()) that the key in question esits to not raise KeyError. (cherry picked from commit 5aadf673497b93e2d4ad304e567de1cd571f9e25)
2021-10-04T3889: Revert "dhcpv6-pd: T421: disable wide dhcpv6 client debug messages"Christian Poessinger
This reverts commit 184f25819fa43fc892b97c0044813b8aa56855b4.
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger
2021-10-01vrrp: T3877: remove debug outputChristian Poessinger
2021-09-30vrrp: T3877: backport handlers to solve "default rfc3768-compatibility" issueJohn Estabrook
Do not create rfc3768-compatibility interfaces by default because of wrong Jinja2 syntax. Backporting the entire system makes it easier in the future to additional bugfixes.
2021-09-28dhclient: T3852: Fixed dhclient processes searchzsdc
Backported commits: 13abffe43b2a5c41bb4ec4675c227f6cf1f868da 01158a8eaa574c48c726c20693479e4aa6e18ee6 This allows finding all running dhclient processes properly.
2021-09-26T3866: ignore interfaces without "address" in DNS forwarding migrationDaniil Baturin
2021-09-26op-mode: reboot/poweroff: T3857: send wall message to all usersChristian Poessinger
(cherry picked from commit 0ee26592772a14e829d9d1f8e64f9db875f31a63)
2021-09-22vrrp: keepalived: T616: bugfix for invalid os.unlink()Christian Poessinger
Commit 260f3832 ("vrrp: keepalived: T616: drop /etc/default/keepalived") dropped the old daemon configuration but there was one line of code that tried to delete the file which was no longer present. This resulted in: KeyError: 'daemon'
2021-09-21vrrp: keepalived: T616: drop /etc/default/keepalivedChristian Poessinger
This is a follow-up commit to 65398e5c8 ("vrrp: keepalived: T616: move configuration to volatile /run directory") as it makes no sense to store a static /etc/default/keepalived file marked as "Autogenerated by VyOS" that only enabled the SNMP option to keepalived. Better pass the --snmp switch via the systemd override file and drop all other references/files.
2021-09-21vrrp: keepalived: T616: move configuration to volatile /run directoryChristian Poessinger
Move keepalived configuration from /etc/keepalived to /run/keepalived. (cherry picked from commit b243795eba1b36cadd81c3149e833bdf5c5bea70)
2021-09-21vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks featureChristian Poessinger
This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file. (cherry picked from commit c1ac0630cfe0ee65569fbe435cc006ade20fed22)
2021-09-19dhcp-server: T3672: migrate failover name optionChristian Poessinger
Commit 2985035b (dhcp-server: T3672: re-add missing "name" CLI option) unfortunately did not add the name option to the migration script. (cherry picked from commit e83a113360ba18043edcf7f70689c7042dee2b37)
2021-09-19dhcp-server: T2927: Add empty args if does not possible to determine variablesDmitriyEshenko
(cherry picked from commit 2f8b33a26e63e5b9ac4e697b9312f2238d6241f3)
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides. (cherry picked from commit 2985035bcb2f3732e15a41e3c2ee6c6c93a6836e)
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
(cherry picked from commit a8ccf72c222caad8cd7aaca9bca773be39e87f5c)
2021-09-19dhcp-server: T3838: rename dns-server to name-server nodeChristian Poessinger
IPv4 DHCP uses "dns-server" to specify one or more name-servers for a given pool. In order to use the same CLI syntax this should be renamed to name-server, which is already the case for DHCPv6. (cherry picked from commit e2f9f4f4e8b2e961a58d935d09798ddb4e1e0460)
2021-09-19dhcp-server: T1968: allow multiple static-routes to be configuredChristian Poessinger
vyos@vyos# show service dhcp-server shared-network-name LAN { subnet 10.0.0.0/24 { default-router 10.0.0.1 dns-server 194.145.150.1 lease 88 range 0 { start 10.0.0.100 stop 10.0.0.200 } static-route 192.168.10.0/24 { next-hop 10.0.0.2 } static-route 192.168.20.0/24 { router 10.0.0.2 } } } (cherry picked from commit a4440bd589db645eb99f343a8163e188a700774c)
2021-09-18validator: T2417: bugfix on Python3 f'ormat stringsChristian Poessinger
Commit 3639a5610b590a ("validator: T2417: try to make the code clearer") introduced Python3 f'ormatted strings but missed the "f" keyword. (cherry picked from commit dda9f655f94968b07043887a03e3bba176eb94d5)
2021-09-14dhcpv6-pd: T421: disable wide dhcpv6 client debug messagesChristian Poessinger
(cherry picked from commit 6b48900358ce9b01eaa78e3a086e95a26064f0df)
2021-09-14openvpn: T3822: fix certificate permissionsChristian Poessinger
Commit b8bb9f586 ("T3822: set the OpenVPN key file owner to openvpn:openvpn") changed the permissions only for file present in the "fix_permissions" list. The list did not contain all required certificates - this has been fixed.
2021-09-12T3822: set the OpenVPN key file owner to openvpn:openvpnDaniil Baturin
2021-09-11Fix inconsistent capitalization in the show version outputDaniil Baturin