diff options
| author | Daniil Baturin <daniil@vyos.io> | 2023-12-20 20:08:18 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-20 20:08:18 +0000 |
| commit | 79879e797cef81ff96ee535da90b8c0d2350594e (patch) | |
| tree | 91eedec3bf573de0374081b98186fd2b74ab5af0 | |
| parent | 316a930b8c54155a45e92796ad2ab69283aa1eb0 (diff) | |
| parent | fdf8011559b2ee6208155876c554bac77f5693c7 (diff) | |
| download | vyos-1x-79879e797cef81ff96ee535da90b8c0d2350594e.tar.gz vyos-1x-79879e797cef81ff96ee535da90b8c0d2350594e.zip | |
Merge pull request #2662 from vyos/mergify/bp/sagitta/pr-2661
Allow the HTTPS API server to start without any configured keys when GraphQL JWT auth is configured (backport #2661)
| -rwxr-xr-x | src/conf_mode/https.py | 6 | ||||
| -rwxr-xr-x | src/services/vyos-http-api-server | 6 |
2 files changed, 9 insertions, 3 deletions
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py index 40b7de557..3dc5dfc01 100755 --- a/src/conf_mode/https.py +++ b/src/conf_mode/https.py @@ -1,6 +1,6 @@ #!/usr/bin/env python3 # -# Copyright (C) 2019-2022 VyOS maintainers and contributors +# Copyright (C) 2019-2023 VyOS maintainers and contributors # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License version 2 or later as @@ -24,6 +24,7 @@ from time import sleep import vyos.defaults import vyos.certbot_util +from vyos.base import Warning from vyos.config import Config from vyos.configdiff import get_config_diff from vyos.configverify import verify_vrf @@ -193,6 +194,9 @@ def verify(https): if (not valid_keys_exist) and (not jwt_auth): raise ConfigError('At least one HTTPS API key is required unless GraphQL token authentication is enabled') + if (not valid_keys_exist) and jwt_auth: + Warning(f'API keys are not configured: the classic (non-GraphQL) API will be unavailable.') + return None def generate(https): diff --git a/src/services/vyos-http-api-server b/src/services/vyos-http-api-server index bfd50cc80..b64e58132 100755 --- a/src/services/vyos-http-api-server +++ b/src/services/vyos-http-api-server @@ -872,13 +872,15 @@ def initialization(session: ConfigSession, app: FastAPI = app): global server try: server_config = load_server_config() - keys = flatten_keys(server_config) except Exception as e: logger.critical(f'Failed to load the HTTP API server config: {e}') sys.exit(1) app.state.vyos_session = session - app.state.vyos_keys = keys + app.state.vyos_keys = [] + + if 'keys' in server_config: + app.state.vyos_keys = flatten_keys(server_config) app.state.vyos_debug = bool('debug' in server_config) app.state.vyos_strict = bool('strict' in server_config) |