From 5e000b3ab915e70db8fe62f442a7c99c73d8e558 Mon Sep 17 00:00:00 2001 From: rebortg Date: Fri, 29 Mar 2019 21:57:55 +0100 Subject: add Task scheduler --- docs/system/index.rst | 1 + docs/system/task-scheduler.rst | 59 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 60 insertions(+) create mode 100644 docs/system/task-scheduler.rst (limited to 'docs/system') diff --git a/docs/system/index.rst b/docs/system/index.rst index 368b62ff..d2a3d763 100644 --- a/docs/system/index.rst +++ b/docs/system/index.rst @@ -16,4 +16,5 @@ should be ready for further configuration which is described in this chapter. host-information systemusers syslog + task-scheduler config-management \ No newline at end of file diff --git a/docs/system/task-scheduler.rst b/docs/system/task-scheduler.rst new file mode 100644 index 00000000..032a2bea --- /dev/null +++ b/docs/system/task-scheduler.rst @@ -0,0 +1,59 @@ +.. _task-scheduler: + + +Task scheduler +-------------- + +Task scheduler — allows scheduled task execution. Note that scripts excecuted this way are executed as root user - this may be dangerous. + +.. code-block:: sh + + system + task-scheduler + task + cron-spec + executable + arguments + path + interval + [mhd] + +Interval +******** + +You are able to set the time as an time interval. + +.. code-block:: sh + + set system task-scheduler task interval + +Sets the task to execute every N minutes, hours, or days. Suffixes: + + * m — minutes + * h — hours + * d — days + +If suffix is omitted, minutes are implied. + +Or set the execution time in common cron time. + +.. code-block:: sh + + set system task-scheduler task TEST crontab-spec "* * * 1 *" + +Example +******* + +.. code-block:: sh + + system + task-scheduler + task mytask + interval 2h + executable + path /config/scripts/mytask + arguments "arg1 arg2 arg3" + task anothertask + cron-spec "* * * 1 *" + executable + path /config/scripts/anothertask \ No newline at end of file -- cgit v1.2.3 From fdf235905c0fb13591078e9b0b065dacfdd801fc Mon Sep 17 00:00:00 2001 From: rebortg Date: Wed, 3 Apr 2019 21:58:58 +0200 Subject: add commandscripting docu --- docs/commandscripting.rst | 51 ++++++++++++++++++++++++++++++++++++++++++ docs/index.rst | 1 + docs/system/task-scheduler.rst | 3 ++- 3 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 docs/commandscripting.rst (limited to 'docs/system') diff --git a/docs/commandscripting.rst b/docs/commandscripting.rst new file mode 100644 index 00000000..918a51a6 --- /dev/null +++ b/docs/commandscripting.rst @@ -0,0 +1,51 @@ +.. _commandscripting: + + +Command scripting +================= + +VyOS supports executing configuration and operational commands non-interactively from shell scripts. + +To include VyOS-specific functions and aliases you need to ``source /opt/vyatta/etc/functions/script-template`` files at the top of your script. + +.. code-block:: sh + + #!/bin/vbash + source /opt/vyatta/etc/functions/script-template + + exit + +Run configuration commands +-------------------------- + +Configuration commands are executed just like from a normal config session. + +For example, if you want to disable a BGP peer on VRRP transition to backup: + +.. code-block:: sh + + #!/bin/vbash + source /opt/vyatta/etc/functions/script-template + + configure + + set protocols bgp 65536 neighbor 192.168.2.1 shutdown + + commit + + exit + + +Run operational commands +------------------------ + +Unlike a normal configuration sessions, all operational commands must be prepended with ``run``, even if you haven't created a session with configure. + +.. code-block:: sh + + #!/bin/vbash + source /opt/vyatta/etc/functions/script-template + + run show interfaces + + exit \ No newline at end of file diff --git a/docs/index.rst b/docs/index.rst index 19b095ae..fb15e991 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -30,6 +30,7 @@ as a router and firewall platform for cloud deployments. high-availability.rst clustering.rst image-mgmt.rst + commandscripting.rst troubleshooting.rst examples.rst commandtree/index.rst diff --git a/docs/system/task-scheduler.rst b/docs/system/task-scheduler.rst index 032a2bea..73057afd 100644 --- a/docs/system/task-scheduler.rst +++ b/docs/system/task-scheduler.rst @@ -4,7 +4,8 @@ Task scheduler -------------- -Task scheduler — allows scheduled task execution. Note that scripts excecuted this way are executed as root user - this may be dangerous. +| Task scheduler — allows scheduled task execution. Note that scripts excecuted this way are executed as root user - this may be dangerous. +| Together with :ref:`commandscripting` this can be used for automating configuration. .. code-block:: sh -- cgit v1.2.3 From c77c4df9d12bdd97557d2c9ef0200fa612cac8c6 Mon Sep 17 00:00:00 2001 From: hagbard Date: Fri, 5 Apr 2019 10:04:09 -0700 Subject: T1324 - update documtation for 'set system login user level' --- docs/system/systemusers.rst | 22 ++++++---------------- 1 file changed, 6 insertions(+), 16 deletions(-) (limited to 'docs/system') diff --git a/docs/system/systemusers.rst b/docs/system/systemusers.rst index a8ae570e..ef153377 100644 --- a/docs/system/systemusers.rst +++ b/docs/system/systemusers.rst @@ -3,31 +3,21 @@ System Users ------------ -VyOS supports two levels of users: admin and operator. +The default vyos user account, as well as newly created user accounts, have all capabilities to configure the system. +All accounts have sudo capabilities and therefore can operate as root on the system. +Setting the level to admin is optional, all accounts on the system +will have admin privileges. -The operator level restricts a user to operational commands and prevents -changes to system configuration. This is useful for gathering information -about the state of the system (dhcp leases, vpn connections, routing tables, -etc...) and for manipulating state of the system, such as resetting -connections, clearing counters and bringing up and taking down connection -oriented interfaces. - -The admin level has all of the capabilities of the operator level, plus the -ability to change system configuration. The admin level also enables a user -to use the sudo command, which essentially means the user has root access to -the system. Creating Login User Accounts ^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -Create user account `jsmith`, with `admin` level access and the password -`mypassword` +Create user account `jsmith` and the password `mypassword`. .. code-block:: sh set system login user jsmith full-name "Johan Smith" set system login user jsmith authentication plaintext-password mypassword - set system login user jsmith level admin The command: @@ -63,4 +53,4 @@ The following command will load the public key `dev.pub` for user `jsmith` .. code-block:: sh - loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub \ No newline at end of file + loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub -- cgit v1.2.3 From a991b61be4e426f3c1f5b2b98ce5e59d3b14a56b Mon Sep 17 00:00:00 2001 From: rebortg Date: Tue, 9 Apr 2019 16:08:15 +0200 Subject: add show syslog and show syslog from image --- docs/system/syslog.rst | 63 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) (limited to 'docs/system') diff --git a/docs/system/syslog.rst b/docs/system/syslog.rst index dbf7420a..8acbc237 100644 --- a/docs/system/syslog.rst +++ b/docs/system/syslog.rst @@ -112,3 +112,66 @@ logged in, no messages are being displayed. .. code-block:: sh set system syslog user facility level + +Show logs +^^^^^^^^^ + +Display log files on the console + +.. code-block:: sh + + vyos@vyos:~$ show log + Possible completions: + Execute the current command + all Show contents of all master log files + authorization Show listing of authorization attempts + cluster Show log for Cluster + conntrack-sync + Show log for Conntrack-sync + dhcp Show log for Dynamic Host Control Protocol (DHCP) + directory Show listing of user-defined log files + dns Show log for Domain Name Service (DNS) + file Show contents of user-defined log file + firewall Show log for Firewall + https Show log for Https + image Show logs from an image + lldp Show log for Lldp + nat Show log for Network Address Translation (NAT) + openvpn Show log for Openvpn + snmp Show log for Simple Network Monitoring Protocol (SNMP) + tail Monitor last lines of messages file + vpn Show log for Virtual Private Network (VPN) + vrrp Show log for Virtual Router Redundancy Protocol (VRRP) + webproxy Show log for Webproxy + +Show contents of a log file in an image +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +Log messages from a specified image can be displayed on the console: + +.. code-block:: sh + + $ show log image + $ show log image [all | authorization | directory | file | tail ] + +Details of allowed parameters: + +.. list-table:: + :widths: 25 75 + :header-rows: 0 + + * - all + - Display contents of all master log files of the specified image + * - authorization + - Display all authorization attempts of the specified image + * - directory + - Display list of all user-defined log files of the specified image + * - file + - Display contents of a specified user-defined log file of the specified image + * - tail + - Display last lines of the system log of the specified image + * - + - Number of lines to be displayed, default 10 + + +When no options/parameters are used, the contents of the main syslog file are displayed. -- cgit v1.2.3