From 34eadcf2f74ae57342997bed77ce64bddd34219b Mon Sep 17 00:00:00 2001 From: Christian Breunig Date: Sat, 6 Jan 2024 10:55:42 +0100 Subject: https: T5902: remove virtual-host configuration We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement. (cherry picked from commit d0d3071e99eb65edb888c26ef2fdc9e038438887) --- python/vyos/defaults.py | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) (limited to 'python/vyos/defaults.py') diff --git a/python/vyos/defaults.py b/python/vyos/defaults.py index 2f3580571..64145a42e 100644 --- a/python/vyos/defaults.py +++ b/python/vyos/defaults.py @@ -37,6 +37,7 @@ directories = { } config_status = '/tmp/vyos-config-status' +api_config_state = '/run/http-api-state' cfg_group = 'vyattacfg' @@ -45,14 +46,3 @@ cfg_vintage = 'vyos' commit_lock = '/opt/vyatta/config/.lock' component_version_json = os.path.join(directories['data'], 'component-versions.json') - -https_data = { - 'listen_addresses' : { '*': ['_'] } -} - -vyos_cert_data = { - 'conf' : '/etc/nginx/snippets/vyos-cert.conf', - 'crt' : '/etc/ssl/certs/vyos-selfsigned.crt', - 'key' : '/etc/ssl/private/vyos-selfsign', - 'lifetime' : '365', -} -- cgit v1.2.3