diff options
author | khramshinr <khramshinr@gmail.com> | 2024-12-11 11:51:10 +0800 |
---|---|---|
committer | khramshinr <khramshinr@gmail.com> | 2024-12-16 15:16:34 +0800 |
commit | 73b9eba81999744ba0adf4c252ccdb2bd0bd2a19 (patch) | |
tree | 4179cedb7da1fb9610aafb88baa366d75dc3aef7 /interface-definitions/include | |
parent | 221b384ff0096f07b96f13d1a5433e0b49c15846 (diff) | |
download | vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.tar.gz vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.zip |
T6934: Add preshared key for zabbix-agent monitoring service
- Allow configure preshared key for zabbix-agent
- Added op mode command for generatre random psk secret
- Removed duplicate xml definition for psk settings
Configure authentication mode:
```
# set service monitoring zabbix-agent authentication mode
Possible completions:
pre-shared-secret Use a pre-shared secret key
```
Configure PSK Settings:
```
# set service monitoring zabbix-agent authentication psk
Possible completions:
id ID for authentication
secret pre-shared secret key
```
Generate Random PSK:
```
$ generate psk random
Possible completions:
<Enter> Execute the current command
size Key size in bytes
```
Diffstat (limited to 'interface-definitions/include')
4 files changed, 42 insertions, 21 deletions
diff --git a/interface-definitions/include/auth-mode-pre-shared-secret.xml.i b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i new file mode 100644 index 000000000..cf1003917 --- /dev/null +++ b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i @@ -0,0 +1,14 @@ +<!-- include start from auth-mode-pre-shared-secret.xml.i --> +<leafNode name="mode"> + <properties> + <help>Authentication mode</help> + <completionHelp> + <list>pre-shared-secret</list> + </completionHelp> + <valueHelp> + <format>pre-shared-secret</format> + <description>Use a pre-shared secret key</description> + </valueHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/auth-psk-id.xml.i b/interface-definitions/include/auth-psk-id.xml.i new file mode 100644 index 000000000..ab2451045 --- /dev/null +++ b/interface-definitions/include/auth-psk-id.xml.i @@ -0,0 +1,11 @@ +<!-- include start from auth-psk-id.xml.i --> +<leafNode name="id"> + <properties> + <help>ID for authentication</help> + <valueHelp> + <format>txt</format> + <description>ID used for authentication</description> + </valueHelp> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/auth-psk-secret.xml.i b/interface-definitions/include/auth-psk-secret.xml.i new file mode 100644 index 000000000..24257dcab --- /dev/null +++ b/interface-definitions/include/auth-psk-secret.xml.i @@ -0,0 +1,15 @@ +<!-- include start from auth-psk-secret.xml.i --> +<leafNode name="secret"> + <properties> + <help>pre-shared secret key</help> + <valueHelp> + <format>txt</format> + <description>16byte pre-shared-secret key (32 character hexadecimal key)</description> + </valueHelp> + <constraint> + <validator name="psk-secret"/> + </constraint> + <constraintErrorMessage>Pre-Shared-Keys must be at leas 16 bytes long, which implies at least 32 characterss</constraintErrorMessage> + </properties> +</leafNode> +<!-- include end --> diff --git a/interface-definitions/include/stunnel/psk.xml.i b/interface-definitions/include/stunnel/psk.xml.i index db11a93d3..a8226c866 100644 --- a/interface-definitions/include/stunnel/psk.xml.i +++ b/interface-definitions/include/stunnel/psk.xml.i @@ -4,27 +4,8 @@ <help>Pre-shared key name</help> </properties> <children> - <leafNode name="id"> - <properties> - <help>ID for authentication</help> - <valueHelp> - <format>txt</format> - <description>ID used for authentication</description> - </valueHelp> - </properties> - </leafNode> - <leafNode name="secret"> - <properties> - <help>pre-shared secret key</help> - <valueHelp> - <format>txt</format> - <description>pre-shared secret key are required to be at least 16 bytes long, which implies at least 32 characters for hexadecimal key</description> - </valueHelp> - <constraint> - <validator name="psk-secret"/> - </constraint> - </properties> - </leafNode> + #include <include/auth-psk-id.xml.i> + #include <include/auth-psk-secret.xml.i> </children> </tagNode> <!-- include end --> |