VyOS command definitions, scripts, and utilities (mirror of https://github.com/vyos/vyos-1x.git) https://git.amelek.net/vyos/vyos-1x.git/atom?h=1.4.0-epa1 2024-01-10T07:11:39+00:00 2024-01-10T07:11:39+00:00 Christian Breunig christian@breunig.cc 2024-01-06T09:55:42+00:00 urn:sha1:34eadcf2f74ae57342997bed77ce64bddd34219b We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement. (cherry picked from commit d0d3071e99eb65edb888c26ef2fdc9e038438887) 2023-12-20T20:02:52+00:00 Daniil Baturin daniil@baturin.org 2023-12-20T19:51:34+00:00 urn:sha1:fdf8011559b2ee6208155876c554bac77f5693c7 and use only PAM auth and JWT (cherry picked from commit 495bf4732439ebd55edfbf6050af8b2064993d86) 2023-12-01T15:43:53+00:00 John Estabrook jestabro@vyos.io 2023-11-26T02:00:31+00:00 urn:sha1:4fcf4ce92b7c1de479070f5b392520984564ad16 2023-12-01T15:43:53+00:00 John Estabrook jestabro@vyos.io 2023-11-21T15:42:48+00:00 urn:sha1:006931b8f1926a239bb5be4e27eb40bbe071219c 2023-11-21T20:23:14+00:00 Viacheslav Hletenko v.gletenko@vyos.io 2023-11-21T10:17:53+00:00 urn:sha1:cc4773e23ae9688920a567ba940b88efddbc8d78 Add ability to reboot and poweroff the system via API curl -k --location --request POST 'https://vyos/reboot' \ --form data='{"op": "reboot", "path": ["now"]}' \ --form key='apikey' curl -k --location --request POST 'https://vyos/poweroff' \ --form data='{"op": "poweroff", "path": ["now"]}' \ --form key='apikey' (cherry picked from commit 36f3c329c2df0e78f2f5da933d9729a872fb2a11) 2023-11-20T18:22:08+00:00 Christian Breunig christian@breunig.cc 2023-11-20T09:13:21+00:00 urn:sha1:3280a153713decf28eb5c564573028df19a4e1b1 Why: Smoketests fail as they can not establish IPv6 connection to uvicorn backend server. https://github.com/vyos/vyos-1x/pull/2481 added a bunch of new smoketests. While debugging those failing, it was uncovered, that uvicorn only listens on IPv4 connections vyos@vyos# netstat -tulnp | grep 8080 (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN - As the CLI already has an option to move the API communication from an IP to a UNIX domain socket, the best idea is to make this the default way of communication, as we never directly talk to the API server but rather use the NGINX reverse proxy. (cherry picked from commit f5e43b1361fb59a9c260739bdb28729d5119507c) 2023-10-10T18:12:07+00:00 John Estabrook jestabro@vyos.io 2023-10-07T03:27:19+00:00 urn:sha1:9c7a4b43278e2da0c423089100fb0878239e0aa6 (cherry picked from commit 93d2ea7d635c7aa5acf3000654393ea48b7c6405) 2023-10-10T18:12:06+00:00 John Estabrook jestabro@vyos.io 2023-10-06T04:16:40+00:00 urn:sha1:09adc91eda586f5349b3ab5866de179e9a07c7d8 (cherry picked from commit 7d597a6dca15cb592230b349ef7ef565f258cf43) 2023-06-20T17:42:14+00:00 John Estabrook jestabro@vyos.io 2023-06-20T17:37:38+00:00 urn:sha1:33016220be8e156720a3692ca309753c4e84cd2a 2023-06-11T03:39:56+00:00 John Estabrook jestabro@vyos.io 2023-06-10T21:52:07+00:00 urn:sha1:f8670aadaa2de60972b55a9784a5dfb6c75193d1