author | Christian Poessinger <christian@poessinger.com> | 2021-01-29 10:49:30 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-02-03 20:25:43 +0000 |
commit | 3cb781fc41106d42ae911439c97d3c0d8e8090c5 (patch) | |
tree | f097880121961fb16f44a00b818e42c1ccbcb17d | |
parent | 143a8a19b7e9430b6e13239ceaf362410e1d42f6 (diff) | |
download | vyatta-cfg-quagga-3cb781fc41106d42ae911439c97d3c0d8e8090c5.tar.gz vyatta-cfg-quagga-3cb781fc41106d42ae911439c97d3c0d8e8090c5.zip |
rpki: T3255: move to vyos-1x
(cherry picked from commit e87556e49d7289a316305e58d7afb070f0382021)
15 files changed, 0 insertions, 140 deletions
diff --git a/Makefile.am b/Makefile.am
index 174349b5..1bed4416 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -13,7 +13,6 @@ sbin_SCRIPTS += scripts/vyatta-gateway-static_route-check.pl
 sbin_SCRIPTS += scripts/vyatta-link-detect
 sbin_SCRIPTS += scripts/vyatta-next-hop-check
 sbin_SCRIPTS += scripts/vyatta-update-static-route.pl
-sbin_SCRIPTS += scripts/vyos-update-rpki-cache.py
 bin_sudo_users_SCRIPTS = scripts/vyatta-static-dhcp.pl
diff --git a/scripts/vyos-update-rpki-cache.py b/scripts/vyos-update-rpki-cache.py
deleted file mode 100644
index f290d119..00000000
--- a/scripts/vyos-update-rpki-cache.py
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/usr/bin/env python3
-
-import sys
-import subprocess
-
-import vyos.config
-
-
-base_path = "protocols rpki "
-
-def create_cache(c, cache):
- new_port = c.return_value(base_path + "cache {0} port".format(cache))
- new_addr = c.return_value(base_path + "cache {0} address".format(cache))
- new_pref = c.return_value(base_path + "cache {0} preference".format(cache))
-
- ssh = False
- if c.exists(base_path + "cache {0} ssh".format(cache)):
- ssh = True
- new_user = c.return_value(base_path + "cache {0} ssh username".format(cache))
- new_pubkey = c.return_value(base_path + "cache {0} ssh public-key-file".format(cache))
- new_privkey = c.return_value(base_path + "cache {0} ssh private-key-file".format(cache))
- new_known_hosts = c.return_value(base_path + "cache {0} ssh known-hosts-file".format(cache))
-
- if (not new_user) or (not new_pubkey) or (not new_privkey) or (not new_known_hosts):
- print("If SSH is used for RPKI cache, username, public/private keys, and known hosts file must be defined")
- sys.exit(1)
-
- if (not new_addr) or (not new_port):
- print("Address and port must be defined for RPKI cache servers")
- sys.exit(1)
-
- if not new_pref:
- new_pref = 1
-
- if ssh:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'rpki cache {0} {1} {2} {3} {4} {5} preference {6}' """.format(new_addr, new_port, new_user, new_privkey, new_pubkey, new_known_hosts, new_pref), shell=True)
- else:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'rpki cache {0} {1} preference {2}' """.format(new_addr, new_port, new_pref), shell=True)
-
-def delete_cache(c, cache):
- ssh = False
- port = c.return_effective_value(base_path + "cache {0} port".format(cache))
- addr = c.return_effective_value(base_path + "cache {0} address".format(cache))
- pref = c.return_effective_value(base_path + "cache {0} preference".format(cache))
-
- if not pref:
- pref = 1
-
- if c.exists_effective(base_path + "cache {0} ssh".format(cache)):
- ssh = True
- user = c.return_effective_value(base_path + "cache {0} ssh username".format(cache))
- pubkey = c.return_effective_value(base_path + "cache {0} ssh public-key-file".format(cache))
- privkey = c.return_effective_value(base_path + "cache {0} ssh private-key-file".format(cache))
- known_hosts = c.return_effective_value(base_path + "cache {0} ssh known-hosts-file".format(cache))
-
- if ssh:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'no rpki cache {0} {1} {2} {3} {4} {5} preference {6}' """.format(addr, port, user, privkey, pubkey, known_hosts, pref), shell=True)
-
- else:
- subprocess.call(""" vtysh -c 'conf t' -c 'rpki' -c 'no rpki cache {0} {1} preference {2}' """.format(addr, port, pref), shell=True)
-
-
-config = vyos.config.Config()
-
-caches = config.list_nodes(base_path + "cache")
-orig_caches = config.list_effective_nodes(base_path + "cache")
-
-# RPKI caches can only be manipulated when RPKI is stopped
-print("Stopping RPKI")
-subprocess.call(""" vtysh -c 'rpki stop' """, shell=True)
-
-if not caches:
- for cache in orig_caches:
- delete_cache(config, cache)
-else:
- for cache in caches:
- if cache in orig_caches:
- delete_cache(config, cache)
- create_cache(config, cache)
-
- for cache in orig_caches:
- if not cache in caches:
- # No longer exists
- delete_cache(config, cache)
-
-if caches:
- print("Starting RPKI")
- subprocess.call(""" vtysh -c 'rpki start' """, shell=True)
-
diff --git a/templates/protocols/rpki/cache/node.def b/templates/protocols/rpki/cache/node.def
deleted file mode 100644
index f28cf2c6..00000000
--- a/templates/protocols/rpki/cache/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-tag:
-type: txt
-help: RPKI cache server instance
diff --git a/templates/protocols/rpki/cache/node.tag/address/node.def b/templates/protocols/rpki/cache/node.tag/address/node.def
deleted file mode 100644
index de110206..00000000
--- a/templates/protocols/rpki/cache/node.tag/address/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: RPKI cache server address
diff --git a/templates/protocols/rpki/cache/node.tag/port/node.def b/templates/protocols/rpki/cache/node.tag/port/node.def
deleted file mode 100644
index e97c2477..00000000
--- a/templates/protocols/rpki/cache/node.tag/port/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-type: u32
-help: TCP port number
-val_help: u32:1-65535; TCP port number
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def
deleted file mode 100644
index 40f2c3dc..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/known-hosts-file/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-type: txt
-help: RPKI SSH known hosts file
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
-
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/node.def b/templates/protocols/rpki/cache/node.tag/ssh/node.def
deleted file mode 100644
index 2fb48499..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/node.def
+++ /dev/null
@@ -1 +0,0 @@
-help: RPKI SSH connection settings
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def
deleted file mode 100644
index 8cfb580f..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/private-key-file/node.def
+++ /dev/null
@@ -1,5 +0,0 @@
-type: txt
-help: RPKI SSH private key file
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
-
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def b/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def
deleted file mode 100644
index 31de9562..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/public-key-file/node.def
+++ /dev/null
@@ -1,4 +0,0 @@
-type: txt
-help: RPKI SSH public key file path
-
-syntax:expression: exec "test -f $VAR(@)"; "Must be an existing file path"
diff --git a/templates/protocols/rpki/cache/node.tag/ssh/username/node.def b/templates/protocols/rpki/cache/node.tag/ssh/username/node.def
deleted file mode 100644
index 4391509d..00000000
--- a/templates/protocols/rpki/cache/node.tag/ssh/username/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: txt
-help: RPKI SSH username
diff --git a/templates/protocols/rpki/initial-synchronization-timeout/node.def b/templates/protocols/rpki/initial-synchronization-timeout/node.def
deleted file mode 100644
index 43d2016f..00000000
--- a/templates/protocols/rpki/initial-synchronization-timeout/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-help: Initial RPKI cache synchronization timeout
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki initial-synchronisation-timeout $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki initial-synchronisation-timeout $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki initial-synchronisation-timeout'
-
diff --git a/templates/protocols/rpki/node.def b/templates/protocols/rpki/node.def
deleted file mode 100644
index 28d77a9e..00000000
--- a/templates/protocols/rpki/node.def
+++ /dev/null
@@ -1,3 +0,0 @@
-help: BGP prefix origin validation
-
-end: ${vyatta_sbindir}/vyos-update-rpki-cache.py
diff --git a/templates/protocols/rpki/polling-period/node.def b/templates/protocols/rpki/polling-period/node.def
deleted file mode 100644
index ee8d0a2d..00000000
--- a/templates/protocols/rpki/polling-period/node.def
+++ /dev/null
@@ -1,7 +0,0 @@
-type: u32
-help: RPKI cache polling period
-val_help: u32:1-1300; Polling period
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki polling_period $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki polling_period $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki polling_period'
diff --git a/templates/protocols/rpki/preference/node.def b/templates/protocols/rpki/preference/node.def
deleted file mode 100644
index f946fc0b..00000000
--- a/templates/protocols/rpki/preference/node.def
+++ /dev/null
@@ -1,2 +0,0 @@
-type: u32
-help: RPKI cache preference
diff --git a/templates/protocols/rpki/timeout/node.def b/templates/protocols/rpki/timeout/node.def
deleted file mode 100644
index 2ea31cbf..00000000
--- a/templates/protocols/rpki/timeout/node.def
+++ /dev/null
@@ -1,6 +0,0 @@
-type: u32
-help: RPKI cache reply timeout
-
-create: vtysh -c 'conf t' -c 'rpki' -c 'rpki timeout $VAR(@)'
-update: vtysh -c 'conf t' -c 'rpki' -c 'rpki timeout $VAR(@)'
-delete: vtysh -c 'conf t' -c 'rpki' -c 'no rpki timeout' |