summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2021-12-26 00:10:07 +0100
committerChristian Poessinger <christian@poessinger.com>2021-12-26 00:10:07 +0100
commit4aaf0ba69139d84f89e5c3feee6edd845af8d1e5 (patch)
tree6c5c2168edee8aacbdb8a5875a1703c161b8d0a6
parentd767d8774613d7e9b2bd860b2604c7770eff2402 (diff)
downloadvyos-1x-4aaf0ba69139d84f89e5c3feee6edd845af8d1e5.tar.gz
vyos-1x-4aaf0ba69139d84f89e5c3feee6edd845af8d1e5.zip
http: api: T4055: add VRF support
-rw-r--r--data/templates/https/vyos-http-api.service.tmpl (renamed from src/systemd/vyos-http-api.service)3
-rwxr-xr-xsrc/conf_mode/http-api.py37
2 files changed, 27 insertions, 13 deletions
diff --git a/src/systemd/vyos-http-api.service b/data/templates/https/vyos-http-api.service.tmpl
index 55370b356..15bd80d65 100644
--- a/src/systemd/vyos-http-api.service
+++ b/data/templates/https/vyos-http-api.service.tmpl
@@ -1,10 +1,11 @@
+{% set vrf_command = 'ip vrf exec ' + vrf + ' ' if vrf is defined else '' %}
[Unit]
Description=VyOS HTTP API service
After=vyos-router.service
Requires=vyos-router.service
[Service]
-ExecStart=/usr/libexec/vyos/services/vyos-http-api-server
+ExecStart={{vrf_command}}/usr/libexec/vyos/services/vyos-http-api-server
Type=idle
SyslogIdentifier=vyos-http-api
diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py
index ea0743cd5..b5f5e919f 100755
--- a/src/conf_mode/http-api.py
+++ b/src/conf_mode/http-api.py
@@ -1,6 +1,6 @@
#!/usr/bin/env python3
#
-# Copyright (C) 2019 VyOS maintainers and contributors
+# Copyright (C) 2019-2021 VyOS maintainers and contributors
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2 or later as
@@ -13,25 +13,26 @@
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-#
-#
import sys
import os
import json
-import time
+
+from time import sleep
from copy import deepcopy
import vyos.defaults
+
from vyos.config import Config
-from vyos import ConfigError
+from vyos.template import render
from vyos.util import cmd
from vyos.util import call
-
+from vyos import ConfigError
from vyos import airbag
airbag.enable()
api_conf_file = '/etc/vyos/http-api.conf'
+systemd_service = '/run/systemd/system/vyos-http-api.service'
vyos_conf_scripts_dir=vyos.defaults.directories['conf_mode']
@@ -49,11 +50,16 @@ def get_config(config=None):
else:
conf = Config()
- if not conf.exists('service https api'):
+ base = ['service', 'https', 'api']
+ if not conf.exists(base):
return None
- else:
- conf.set_level('service https api')
+ # Do we run inside a VRF context?
+ vrf_path = ['service', 'https', 'vrf']
+ if conf.exists(vrf_path):
+ http_api['vrf'] = conf.return_value(vrf_path)
+
+ conf.set_level('service https api')
if conf.exists('strict'):
http_api['strict'] = True
@@ -92,6 +98,8 @@ def verify(http_api):
def generate(http_api):
if http_api is None:
+ if os.path.exists(systemd_service):
+ os.unlink(systemd_service)
return None
if not os.path.exists('/etc/vyos'):
@@ -100,16 +108,21 @@ def generate(http_api):
with open(api_conf_file, 'w') as f:
json.dump(http_api, f, indent=2)
+ render(systemd_service, 'https/vyos-http-api.service.tmpl', http_api)
return None
def apply(http_api):
+ # Reload systemd manager configuration
+ call('systemctl daemon-reload')
+ service_name = 'vyos-http-api.service'
+
if http_api is not None:
- call('systemctl restart vyos-http-api.service')
+ call(f'systemctl restart {service_name}')
else:
- call('systemctl stop vyos-http-api.service')
+ call(f'systemctl stop {service_name}')
# Let uvicorn settle before restarting Nginx
- time.sleep(1)
+ sleep(1)
cmd(f'{vyos_conf_scripts_dir}/https.py', raising=ConfigError)