T6934: Add preshared key for zabbix-agent monitoring service

- Allow configure preshared key for zabbix-agent - Added op mode command for generatre random psk secret - Removed duplicate xml definition for psk settings Configure authentication mode: ``` # set service monitoring zabbix-agent authentication mode Possible completions: pre-shared-secret Use a pre-shared secret key ``` Configure PSK Settings: ``` # set service monitoring zabbix-agent authentication psk Possible completions: id ID for authentication secret pre-shared secret key ``` Generate Random PSK: ``` $ generate psk random Possible completions: <Enter> Execute the current command size Key size in bytes ```
author: khramshinr <khramshinr@gmail.com> 2024-12-11 11:51:10 +0800
committer: khramshinr <khramshinr@gmail.com> 2024-12-16 15:16:34 +0800
commit: 73b9eba81999744ba0adf4c252ccdb2bd0bd2a19 (patch)
tree: 4179cedb7da1fb9610aafb88baa366d75dc3aef7 /interface-definitions
parent: 221b384ff0096f07b96f13d1a5433e0b49c15846 (diff)
download: vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.tar.gz
vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.zip
6 files changed, 60 insertions, 33 deletions
diff --git a/interface-definitions/include/auth-mode-pre-shared-secret.xml.i b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i
new file mode 100644
index 000000000..cf1003917
--- /dev/null
+++ b/interface-definitions/include/auth-mode-pre-shared-secret.xml.i
@@ -0,0 +1,14 @@
+<!-- include start from auth-mode-pre-shared-secret.xml.i -->
+<leafNode name="mode">
+  <properties>
+    <help>Authentication mode</help>
+    <completionHelp>
+      <list>pre-shared-secret</list>
+    </completionHelp>
+    <valueHelp>
+      <format>pre-shared-secret</format>
+      <description>Use a pre-shared secret key</description>
+    </valueHelp>
+  </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/auth-psk-id.xml.i b/interface-definitions/include/auth-psk-id.xml.i
new file mode 100644
index 000000000..ab2451045
--- /dev/null
+++ b/interface-definitions/include/auth-psk-id.xml.i
@@ -0,0 +1,11 @@
+<!-- include start from auth-psk-id.xml.i -->
+<leafNode name="id">
+  <properties>
+    <help>ID for authentication</help>
+    <valueHelp>
+      <format>txt</format>
+      <description>ID used for authentication</description>
+    </valueHelp>
+  </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/auth-psk-secret.xml.i b/interface-definitions/include/auth-psk-secret.xml.i
new file mode 100644
index 000000000..24257dcab
--- /dev/null
+++ b/interface-definitions/include/auth-psk-secret.xml.i
@@ -0,0 +1,15 @@
+<!-- include start from auth-psk-secret.xml.i -->
+<leafNode name="secret">
+  <properties>
+    <help>pre-shared secret key</help>
+    <valueHelp>
+      <format>txt</format>
+      <description>16byte pre-shared-secret key (32 character hexadecimal key)</description>
+    </valueHelp>
+    <constraint>
+      <validator name="psk-secret"/>
+    </constraint>
+    <constraintErrorMessage>Pre-Shared-Keys must be at leas 16 bytes long, which implies at least 32 characterss</constraintErrorMessage>
+  </properties>
+</leafNode>
+<!-- include end -->
diff --git a/interface-definitions/include/stunnel/psk.xml.i b/interface-definitions/include/stunnel/psk.xml.i
index db11a93d3..a8226c866 100644
--- a/interface-definitions/include/stunnel/psk.xml.i
+++ b/interface-definitions/include/stunnel/psk.xml.i
@@ -4,27 +4,8 @@
     <help>Pre-shared key name</help>
   </properties>
   <children>
-    <leafNode name="id">
-      <properties>
-        <help>ID for authentication</help>
-        <valueHelp>
-          <format>txt</format>
-          <description>ID used for authentication</description>
-        </valueHelp>
-      </properties>
-    </leafNode>
-    <leafNode name="secret">
-      <properties>
-        <help>pre-shared secret key</help>
-        <valueHelp>
-          <format>txt</format>
-          <description>pre-shared secret key are required to be at least 16 bytes long, which implies at least 32 characters for hexadecimal key</description>
-        </valueHelp>
-        <constraint>
-          <validator name="psk-secret"/>
-        </constraint>
-      </properties>
-    </leafNode>
+    #include <include/auth-psk-id.xml.i>
+    #include <include/auth-psk-secret.xml.i>
   </children>
 </tagNode>
 <!-- include end -->
diff --git a/interface-definitions/service_monitoring_zabbix-agent.xml.in b/interface-definitions/service_monitoring_zabbix-agent.xml.in
index e44b31312..122e61e8b 100644
--- a/interface-definitions/service_monitoring_zabbix-agent.xml.in
+++ b/interface-definitions/service_monitoring_zabbix-agent.xml.in
@@ -10,6 +10,23 @@
               <priority>1280</priority>
             </properties>
             <children>
+              <node name="authentication">
+                <properties>
+                  <help>Authentication</help>
+                </properties>
+                <children>
+                  #include <include/auth-mode-pre-shared-secret.xml.i>
+                  <node name="psk">
+                    <properties>
+                      <help>Pre-shared key</help>
+                    </properties>
+                    <children>
+                      #include <include/auth-psk-id.xml.i>
+                      #include <include/auth-psk-secret.xml.i>
+                    </children>
+                  </node>
+                </children>
+              </node>
               <leafNode name="directory">
                 <properties>
                   <help>Folder containing individual Zabbix-agent configuration files</help>
diff --git a/interface-definitions/vpn_ipsec.xml.in b/interface-definitions/vpn_ipsec.xml.in
index 5540021e2..0cf526fad 100644
--- a/interface-definitions/vpn_ipsec.xml.in
+++ b/interface-definitions/vpn_ipsec.xml.in
@@ -722,18 +722,7 @@
                   <help>Authentication</help>
                 </properties>
                 <children>
-                  <leafNode name="mode">
-                    <properties>
-                      <help>Authentication mode</help>
-                      <completionHelp>
-                        <list>pre-shared-secret</list>
-                      </completionHelp>
-                      <valueHelp>
-                        <format>pre-shared-secret</format>
-                        <description>Use a pre-shared secret key</description>
-                      </valueHelp>
-                    </properties>
-                  </leafNode>
+                  #include <include/auth-mode-pre-shared-secret.xml.i>
                   #include <include/ipsec/authentication-pre-shared-secret.xml.i>
                 </children>
               </node>
author	khramshinr <khramshinr@gmail.com>	2024-12-11 11:51:10 +0800
committer	khramshinr <khramshinr@gmail.com>	2024-12-16 15:16:34 +0800
commit	73b9eba81999744ba0adf4c252ccdb2bd0bd2a19 (patch)
tree	4179cedb7da1fb9610aafb88baa366d75dc3aef7 /interface-definitions
parent	221b384ff0096f07b96f13d1a5433e0b49c15846 (diff)
download	vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.tar.gz vyos-1x-73b9eba81999744ba0adf4c252ccdb2bd0bd2a19.zip