vyos-1x.git/debian/control, branch 1.4.0-epa3

T6307: Add dependency procps to build vyos-1x

2024-05-06T15:15:13+00:00

(cherry picked from commit 8041201fccffa96ca05ecd764b6d4b9d103b4c1a)

T6199: add missing build dependency

2024-04-09T15:23:03+00:00

(cherry picked from commit 8e2330fed6480886cbce97cc1b541e54c5394564)

Debian: T6199: add pylint do list of build dependencies

2024-04-06T08:58:33+00:00

(cherry picked from commit 71786307eed6a0ebb42755f24c19dfd46b1b9696)

T6199: drop unused sphinx documentation folder

2024-04-03T19:01:42+00:00

(cherry picked from commit 86b632874288aa5707a94a4f28ca816e543823b9)

https: T5886: migrate https certbot to new "pki certificate" CLI tree

2024-01-08T20:11:13+00:00

(cherry picked from commit 9ab6665c80c30bf446d94620fc9d85b052d48072)

pki: T5886: add support for ACME protocol (LetsEncrypt)

2024-01-08T20:11:13+00:00

The "idea" of this PR is to add new CLI nodes under the pki subsystem to activate ACME for any given certificate. vyos@vyos# set pki certificate NAME acme Possible completions: + domain-name Domain Name email Email address to associate with certificate listen-address Local IPv4 addresses to listen on rsa-key-size Size of the RSA key (default: 2048) url Remote URL (default: https://acme-v02.api.letsencrypt.org/directory) Users choose if the CLI based custom certificates are used set pki certificate EXAMPLE acme certificate or if it should be generated via ACME. The ACME server URL defaults to LetsEncrypt but can be changed to their staging API for testing to not get blacklisted. set pki certificate EXAMPLE acme url https://acme-staging-v02.api.letsencrypt.org/directory Certificate retrieval has a certbot --dry-run stage in verify() to see if it can be generated. After successful generation, the certificate is stored in under /config/auth/letsencrypt. Once a certificate is referenced in the CLI (e.g. set interfaces ethernet eth0 eapol certificate EXAMPLE) we call vyos.config.get_config_dict() which will (if with_pki=True is set) blend in the base64 encoded certificate into the JSON data structure normally used when using a certificate set by the CLI. Using this "design" does not need any change to any other code referencing the PKI system, as the base64 encoded certificate is already there. certbot renewal will call the PKI python script to trigger dependency updates. (cherry picked from commit b8db1a9d7baf91b70c1b735e58710f1e2bc9fc7a) # Conflicts: # debian/control

T5826: ensure dmidecode is installed as a dependency of vyos-1x

2023-12-14T05:47:37+00:00

dmicode is used in the "show hardware dmi" and to derive synthetic MAC addresses (see python/vyos/ifconfig/interface.py). On non-x86 platforms like arm64 it may not be pulled in explictly by other packages (like libparted2) so add it as an explicit dependency. (cherry picked from commit 46c929a99b7d507451d8385b315ae7ef9e7cbed5)

T160: Fix Debian control conflicts

2023-12-07T14:39:01+00:00

nat64: T160: Implement Jool-based NAT64 translator

2023-12-07T14:11:00+00:00

Signed-off-by: Joe Groocock (cherry picked from commit 7d49f7079f1129c2fadc7f38ceb230804d89e177) # Conflicts: # debian/control

ddclient: T5708: Migration to 3.11.1 and related improvements

2023-12-01T03:42:23+00:00

- Migrate to ddclient 3.11.1 and enforce debian/control dependency - Add dual stack support for additional protocols - Restrict usage of `porkbun` protocol, VyOS configuration structure isn't compatible with porkbun yet - Improve and cleanup error messages