VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos-contrib/veeos-1x.git) https://git.amelek.net/vyos-contrib/veeos-1x.git/atom?h=circinus 2024-09-30T15:26:24+00:00 2024-09-30T15:26:24+00:00 Nicolas Fort nicolasfort1988@gmail.com 2024-08-30T17:54:17+00:00 urn:sha1:8dcb042bb2352717395ba3c17bc5437534c83af5 (cherry picked from commit 4c3d037f036e84c77333a400b35bb1a628a1a118) 2024-09-09T13:25:42+00:00 Christian Breunig christian@breunig.cc 2024-09-06T15:57:24+00:00 urn:sha1:aface21a83f54e0f1a60549589d6ad2caa40f473 During podman upgrade and a build from the original source the UNIX socket definition for systemd got lost in translation. This commit re-adds the UNIX socket which is started on boot to interact with Podman. Example: curl --unix-socket /run/podman/podman.sock -H 'content-type: application/json' \ -sf http://localhost/containers/json (cherry picked from commit f67e217f2716937115a3bdf6d316b172bbec75e5) 2024-05-14T16:47:29+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2024-05-14T16:47:29+00:00 urn:sha1:7c438caa2c21101cbefc2eec21935ab55af19c46 Remove `service upnp` as it never worked as expected, nft rules do not integrated and custom patches do not seem like a suitable solution for now. Security: UPnP has been historically associated with security risks due to its automatic and potentially unauthenticated nature. UPnP devices might be vulnerable to unauthorized access or exploitation. 2024-03-28T06:36:22+00:00 Christian Breunig christian@breunig.cc 2024-03-28T06:36:22+00:00 urn:sha1:7dbaa25a199a781aaa9f269741547e576410cb11 The current op-mode script simply calls sudo systemctl restart "dhclient@$4.service" with no additional information about a client interface at all. This results in useless dhclient processes root 47812 4.7 0.0 5848 3584 ? Ss 00:30 0:00 /sbin/dhclient -4 -d root 48121 0.0 0.0 4188 3072 ? S 00:30 0:00 \_ /bin/sh /sbin/dhclient-script root 48148 50.0 0.2 18776 11264 ? R 00:30 0:00 \_ python3 - Which also assign client leases to all local interfaces, if we receive one valid DHCPOFFER vyos@vyos:~$ show interfaces Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address MAC VRF MTU S/L Description ----------- ----------------- ----------------- ------- ----- ----- ------------- eth0 - 00:50:56:bf:c5:6d default 1500 u/u eth0.10 172.16.33.102/24 00:50:56:bf:c5:6d default 1500 u/u eth1 172.16.33.131/24 00:50:56:b3:38:c5 default 1500 u/u 172.16.33.102/24 and 172.16.33.131/24 are stray DHCP addresses. This commit moved the renew command to the DHCP op-mode script to properly validate if the interface we request a renew for, has actually a dhcp address configured. In additional this exposes the renew feature to the API. 2024-03-24T09:20:53+00:00 Christian Breunig christian@breunig.cc 2024-03-24T09:07:01+00:00 urn:sha1:5a12645cb25fb23f2195db1e2e977a69d0788d01 The PCEngines APU2 systems with mSATA disks tend to be very slow. This results in a service startup error: $ systemctl status vyos-grub-update × vyos-grub-update.service - Update GRUB loader configuration structure Loaded: loaded (/lib/systemd/system/vyos-grub-update.service; enabled; preset: enabled) Active: failed (Result: timeout) since Sun 2024-03-24 08:48:10 UTC; 14min ago Main PID: 779 (code=killed, signal=TERM) CPU: 869ms Mar 24 08:48:05 LR4.wue3 systemd[1]: Starting vyos-grub-update.service - Update GRUB loader configuration structure... Mar 24 08:48:10 LR4.wue3 systemd[1]: vyos-grub-update.service: start operation timed out. Terminating. Mar 24 08:48:10 LR4.wue3 systemd[1]: vyos-grub-update.service: Main process exited, code=killed, status=15/TERM Mar 24 08:48:10 LR4.wue3 systemd[1]: vyos-grub-update.service: Failed with result 'timeout'. Mar 24 08:48:10 LR4.wue3 systemd[1]: Failed to start vyos-grub-update.service - Update GRUB loader configuration structure. Measunring on an APU2 system after boot and memory is "hot", it still needs almost 17 seconds to complete the job cpo@LR4.wue3:~$ time sudo /usr/libexec/vyos/system/grub_update.py real 0m16.803s user 0m0.018s sys 0m0.028s 2023-12-07T23:29:38+00:00 sarthurdev 965089+sarthurdev@users.noreply.github.com 2022-12-16T10:41:33+00:00 urn:sha1:d95200e96763e4a7ed02577b1b177c84abb77838 2023-11-15T17:29:04+00:00 zsdc taras@vyos.io 2023-01-19T18:18:42+00:00 urn:sha1:8f94262e8fa2477700c50303ea6e2c6ddad72adb This commit adds the whole set of system image tools written from the scratch in Python that allows performing all the operations on images: * check information * perform installation and deletion * versions management Also, it contains a new service that will update the GRUB menu and keep tracking its version in the future. WARNING: The commit contains non-reversible changes. Because of boot menu changes, it will not be possible to manage images from older VyOS versions after an update. 2023-09-15T09:47:00+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2023-09-15T09:47:00+00:00 urn:sha1:27ad9f5ba6437d66178450b37c7a5bf79bc3d67a T5261: Add AWS load-balancing tunnel handler 2023-09-11T12:14:24+00:00 Christian Breunig christian@breunig.cc 2023-09-11T12:14:24+00:00 urn:sha1:af398c51f7d06cdf582b347a35b1e5c867aaea58 2023-09-04T14:54:05+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2023-08-29T10:02:32+00:00 urn:sha1:c07055258b853de641d2a1353582800b24c514d2 Render isc-dhcp-server systemd unit from configuration