1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
# Configuration
Guide to configuring PyVyOS for connecting to VyOS devices.
## Environment Variables
The recommended way to configure PyVyOS is using environment variables with a `.env` file.
### Required Variables
- `VYDEVICE_HOSTNAME`: IP address or hostname of your VyOS device
- `VYDEVICE_APIKEY`: API key for authentication
### Optional Variables
- `VYDEVICE_PORT`: API port (default: 443)
- `VYDEVICE_PROTOCOL`: Protocol "http" or "https" (default: https)
- `VYDEVICE_VERIFY_SSL`: "True" or "False" (default: True)
## .env File Setup
Create a `.env` file in your project root:
```bash
VYDEVICE_HOSTNAME=192.168.1.1
VYDEVICE_APIKEY=your-secret-api-key
VYDEVICE_PORT=443
VYDEVICE_PROTOCOL=https
VYDEVICE_VERIFY_SSL=False
```
## Loading Configuration
```python
from dotenv import load_dotenv
import os
from pyvyos import VyDevice
load_dotenv()
device = VyDevice(
hostname=os.getenv('VYDEVICE_HOSTNAME'),
apikey=os.getenv('VYDEVICE_APIKEY'),
port=int(os.getenv('VYDEVICE_PORT', 443)),
protocol=os.getenv('VYDEVICE_PROTOCOL', 'https'),
verify=os.getenv('VYDEVICE_VERIFY_SSL', 'True').lower() == 'true'
)
```
## Direct Configuration
Pass parameters directly:
```python
device = VyDevice(hostname="192.168.1.1", apikey="your-api-key",
port=443, protocol="https", verify=False, timeout=30)
```
## SSL & Timeout
SSL verification enabled by default. To disable (dev only):
```python
import urllib3
urllib3.disable_warnings()
device = VyDevice(..., verify=False, timeout=60)
```
## Generating API Key on VyOS
1. SSH into your VyOS device
2. Run: `configure`
3. Run: `set system api http interface <interface>`
4. Run: `set system api http port <port>`
5. Run: `set system api http api-key <key-name> key <key-value>`
6. Run: `commit` and `save`
## Security Best Practices
- Never commit `.env` files to version control
- Use strong API keys
- Enable SSL verification in production
- Restrict API access to specific interfaces/IPs on VyOS
- Rotate API keys regularly
|