1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Documentation:
# - read VAGRANT.md
# - need vagrant plugin install vagrant-vyos
Vagrant.configure("2") do |config|
# enable the environment variables
# need vagrant plugin install vagrant-dotenv
config.env.enable
# vm to deploy tests
config.vm.define "pyvyos" do |pyvyos|
pyvyos.vm.box = "vyos/current"
pyvyos.vm.hostname = "pyvyos"
# network configuration of eth1
pyvyos.vm.network "private_network", ip: ENV['VYDEVICE_IP'], netmask: ENV['VYDEVICE_NETMASK']
pyvyos.ssh.host = ENV['HOST_IP']
# nat port forwarding
pyvyos.vm.network "forwarded_port", guest: 443, host: 8433, id: "https", auto_correct: true, protocol: "tcp", host_ip: ENV['HOST_IP']
pyvyos.vm.network "forwarded_port", guest: 22, host: 2022, id: "ssh", auto_correct: true, protocol: "tcp", host_ip: ENV['HOST_IP']
# ssh configuration default username and password of vyos/current is vyos / vyos
# if you want to change the default password, you can change in provision script
# also, you can disable ssh password in provision script and use only ssh key
pyvyos.ssh.username = "vyos"
pyvyos.ssh.password = "vyos"
# vagrant will insert the ssh key in the vm automatically, so password authentication after
# first boot is not necessary
pyvyos.ssh.insert_key = true
# mkdir /opt/vyatta/config/certs
# chmod 0700 /opt/vyatta/config/certs
# generate pki certificate self-signed file /opt/vyatta/config/certs/certself
# set pki certificate certself certificate "$(cat /opt/vyatta/config/certs/certself.pem | tail -n +2 | head -n -1 | tr -d '\n')"
# set pki certificate certself private key "$(cat /opt/vyatta/config/certs/certself.key | tail -n +2 | head -n -1 | tr -d '\n')"
# generate pki ca file /opt/vyatta/config/certs/certca
# set pki ca certca certificate "$(cat /opt/vyatta/config/certs/certca.pem | tail -n +2 | head -n -1 | tr -d '\n')"
# set pki ca certca private key "$(cat /opt/vyatta/config/certs/certca.key | tail -n +2 | head -n -1 | tr -d '\n')"
# shell script to provision the vyos vm
pyvyos.vm.provision "shell", inline: <<-SHELL
#!/bin/vbash
source /opt/vyatta/etc/functions/script-template
configure
set service https listen-address '#{ENV['VYDEVICE_IP']}'
set service https api keys id 'apikey' key '#{ENV['VYDEVICE_APIKEY']}'
set service https api debug
set service https api strict
commit
save
exit
SHELL
end
end
|
