diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-12-26 00:10:07 +0100 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-12-26 00:10:07 +0100 |
commit | 4aaf0ba69139d84f89e5c3feee6edd845af8d1e5 (patch) | |
tree | 6c5c2168edee8aacbdb8a5875a1703c161b8d0a6 | |
parent | d767d8774613d7e9b2bd860b2604c7770eff2402 (diff) | |
download | vyos-1x-4aaf0ba69139d84f89e5c3feee6edd845af8d1e5.tar.gz vyos-1x-4aaf0ba69139d84f89e5c3feee6edd845af8d1e5.zip |
http: api: T4055: add VRF support
-rw-r--r-- | data/templates/https/vyos-http-api.service.tmpl (renamed from src/systemd/vyos-http-api.service) | 3 | ||||
-rwxr-xr-x | src/conf_mode/http-api.py | 37 |
2 files changed, 27 insertions, 13 deletions
diff --git a/src/systemd/vyos-http-api.service b/data/templates/https/vyos-http-api.service.tmpl index 55370b356..15bd80d65 100644 --- a/src/systemd/vyos-http-api.service +++ b/data/templates/https/vyos-http-api.service.tmpl @@ -1,10 +1,11 @@ +{% set vrf_command = 'ip vrf exec ' + vrf + ' ' if vrf is defined else '' %} [Unit] Description=VyOS HTTP API service After=vyos-router.service Requires=vyos-router.service [Service] -ExecStart=/usr/libexec/vyos/services/vyos-http-api-server +ExecStart={{vrf_command}}/usr/libexec/vyos/services/vyos-http-api-server Type=idle SyslogIdentifier=vyos-http-api diff --git a/src/conf_mode/http-api.py b/src/conf_mode/http-api.py index ea0743cd5..b5f5e919f 100755 --- a/src/conf_mode/http-api.py +++ b/src/conf_mode/http-api.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019 VyOS maintainers and contributors +# Copyright (C) 2019-2021 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -13,25 +13,26 @@ # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -# -# import sys import os import json -import time + +from time import sleep from copy import deepcopy import vyos.defaults + from vyos.config import Config -from vyos import ConfigError +from vyos.template import render from vyos.util import cmd from vyos.util import call - +from vyos import ConfigError from vyos import airbag airbag.enable() api_conf_file = '/etc/vyos/http-api.conf' +systemd_service = '/run/systemd/system/vyos-http-api.service' vyos_conf_scripts_dir=vyos.defaults.directories['conf_mode'] @@ -49,11 +50,16 @@ def get_config(config=None): else: conf = Config() - if not conf.exists('service https api'): + base = ['service', 'https', 'api'] + if not conf.exists(base): return None - else: - conf.set_level('service https api') + # Do we run inside a VRF context? + vrf_path = ['service', 'https', 'vrf'] + if conf.exists(vrf_path): + http_api['vrf'] = conf.return_value(vrf_path) + + conf.set_level('service https api') if conf.exists('strict'): http_api['strict'] = True @@ -92,6 +98,8 @@ def verify(http_api): def generate(http_api): if http_api is None: + if os.path.exists(systemd_service): + os.unlink(systemd_service) return None if not os.path.exists('/etc/vyos'): @@ -100,16 +108,21 @@ def generate(http_api): with open(api_conf_file, 'w') as f: json.dump(http_api, f, indent=2) + render(systemd_service, 'https/vyos-http-api.service.tmpl', http_api) return None def apply(http_api): + # Reload systemd manager configuration + call('systemctl daemon-reload') + service_name = 'vyos-http-api.service' + if http_api is not None: - call('systemctl restart vyos-http-api.service') + call(f'systemctl restart {service_name}') else: - call('systemctl stop vyos-http-api.service') + call(f'systemctl stop {service_name}') # Let uvicorn settle before restarting Nginx - time.sleep(1) + sleep(1) cmd(f'{vyos_conf_scripts_dir}/https.py', raising=ConfigError) |