<?xml version="1.0"?> <!-- HTTPS configuration --> <interfaceDefinition> <syntaxVersion component='https' version='2'></syntaxVersion> <node name="service"> <children> <node name="https" owner="${vyos_conf_scripts_dir}/https.py"> <properties> <help>HTTPS configuration</help> <priority>1001</priority> </properties> <children> <tagNode name="virtual-host"> <properties> <help>Identifier for virtual host</help> <constraint> <regex>[a-zA-Z0-9-_.:]{1,255}</regex> </constraint> <constraintErrorMessage>illegal characters in identifier or identifier longer than 255 characters</constraintErrorMessage> </properties> <children> <leafNode name="listen-address"> <properties> <help>Address to listen for HTTPS requests</help> <valueHelp> <format>ipv4</format> <description>HTTPS IPv4 address</description> </valueHelp> <valueHelp> <format>ipv6</format> <description>HTTPS IPv6 address</description> </valueHelp> <valueHelp> <format>'*'</format> <description>any</description> </valueHelp> <constraint> <validator name="ipv4-address"/> <validator name="ipv6-address"/> <regex>\*$</regex> </constraint> </properties> </leafNode> <leafNode name='listen-port'> <properties> <help>Port to listen for HTTPS requests; default 443</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <leafNode name="server-name"> <properties> <help>Server names: exact, wildcard, or regex</help> <multi/> </properties> </leafNode> </children> </tagNode> <node name="api" owner="${vyos_conf_scripts_dir}/http-api.py"> <properties> <help>VyOS HTTP API configuration</help> <priority>1002</priority> </properties> <children> <leafNode name="port"> <properties> <help>Port for HTTP API service</help> <valueHelp> <format>1-65535</format> <description>Numeric IP port</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-65535"/> </constraint> </properties> </leafNode> <node name="keys"> <properties> <help>HTTP API keys</help> </properties> <children> <tagNode name="id"> <properties> <help>HTTP API id</help> </properties> <children> <leafNode name="key"> <properties> <help>HTTP API plaintext key</help> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="strict"> <properties> <help>Enforce strict path checking</help> <valueless/> </properties> </leafNode> <leafNode name="debug"> <properties> <help>Debug</help> <valueless/> <hidden/> </properties> </leafNode> </children> </node> <node name="api-restrict"> <properties> <help>Restrict api proxy to subset of virtual hosts</help> </properties> <children> <leafNode name="virtual-host"> <properties> <help>Restrict proxy to virtual host(s)</help> <multi/> </properties> </leafNode> </children> </node> <node name="certificates"> <properties> <help>TLS certificates</help> </properties> <children> <node name="system-generated-certificate" owner="${vyos_conf_scripts_dir}/vyos_cert.py"> <properties> <help>Use an automatically generated self-signed certificate</help> </properties> <children> <leafNode name="lifetime"> <properties> <help>Lifetime in days; default is 365</help> <valueHelp> <format>1-65535</format> <description>Number of days</description> </valueHelp> </properties> </leafNode> </children> </node> <node name="certbot" owner="${vyos_conf_scripts_dir}/le_cert.py"> <properties> <help>Request or apply a letsencrypt certificate for domain-name</help> </properties> <children> <leafNode name="domain-name"> <properties> <help>Domain name(s) for which to obtain certificate</help> <multi/> </properties> </leafNode> <leafNode name="email"> <properties> <help>Email address to associate with certificate</help> </properties> </leafNode> </children> </node> </children> </node> </children> </node> </children> </node> </interfaceDefinition>