<?xml version="1.0"?> <interfaceDefinition> <node name="service"> <children> <node name="https" owner="${vyos_conf_scripts_dir}/service_https.py"> <properties> <help>HTTPS configuration</help> <priority>1001</priority> </properties> <children> <node name="api"> <properties> <help>VyOS HTTP API configuration</help> </properties> <children> <node name="keys"> <properties> <help>HTTP API keys</help> </properties> <children> <tagNode name="id"> <properties> <help>HTTP API id</help> </properties> <children> <leafNode name="key"> <properties> <help>HTTP API plaintext key</help> </properties> </leafNode> </children> </tagNode> </children> </node> <leafNode name="strict"> <properties> <help>Enforce strict path checking</help> <valueless/> </properties> </leafNode> <leafNode name="debug"> <properties> <help>Debug</help> <valueless/> <hidden/> </properties> </leafNode> <node name="graphql"> <properties> <help>GraphQL support</help> </properties> <children> <leafNode name="introspection"> <properties> <help>Schema introspection</help> <valueless/> </properties> </leafNode> <node name="authentication"> <properties> <help>GraphQL authentication</help> </properties> <children> <leafNode name="type"> <properties> <help>Authentication type</help> <completionHelp> <list>key token</list> </completionHelp> <valueHelp> <format>key</format> <description>Use API keys</description> </valueHelp> <valueHelp> <format>token</format> <description>Use JWT token</description> </valueHelp> <constraint> <regex>(key|token)</regex> </constraint> </properties> <defaultValue>key</defaultValue> </leafNode> <leafNode name="expiration"> <properties> <help>Token time to expire in seconds</help> <valueHelp> <format>u32:60-31536000</format> <description>Token lifetime in seconds</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 60-31536000"/> </constraint> </properties> <defaultValue>3600</defaultValue> </leafNode> <leafNode name="secret-length"> <properties> <help>Length of shared secret in bytes</help> <valueHelp> <format>u32:16-65535</format> <description>Byte length of generated shared secret</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 16-65535"/> </constraint> </properties> <defaultValue>32</defaultValue> </leafNode> </children> </node> </children> </node> <node name="cors"> <properties> <help>Set CORS options</help> </properties> <children> <leafNode name="allow-origin"> <properties> <help>Allow resource request from origin</help> <multi/> </properties> </leafNode> </children> </node> </children> </node> #include <include/allow-client.xml.i> <leafNode name="enable-http-redirect"> <properties> <help>Enable HTTP to HTTPS redirect</help> <valueless/> </properties> </leafNode> #include <include/listen-address.xml.i> #include <include/port-number.xml.i> <leafNode name='port'> <defaultValue>443</defaultValue> </leafNode> <leafNode name="request-body-size-limit"> <properties> <help>Maximum request body size in megabytes</help> <valueHelp> <format>u32:1-256</format> <description>Request body size in megabytes</description> </valueHelp> <constraint> <validator name="numeric" argument="--range 1-256"/> </constraint> </properties> <defaultValue>1</defaultValue> </leafNode> <node name="certificates"> <properties> <help>TLS certificates</help> </properties> <children> #include <include/pki/ca-certificate.xml.i> #include <include/pki/certificate.xml.i> #include <include/pki/dh-params.xml.i> </children> </node> <leafNode name="tls-version"> <properties> <help>Specify available TLS version(s)</help> <completionHelp> <list>1.2 1.3</list> </completionHelp> <valueHelp> <format>1.2</format> <description>TLSv1.2</description> </valueHelp> <valueHelp> <format>1.3</format> <description>TLSv1.3</description> </valueHelp> <constraint> <regex>(1.2|1.3)</regex> </constraint> <multi/> </properties> <defaultValue>1.2 1.3</defaultValue> </leafNode> #include <include/interface/vrf.xml.i> </children> </node> </children> </node> </interfaceDefinition>