summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--data/templates/salt-minion/minion.j28
-rw-r--r--interface-definitions/salt-minion.xml.in1
-rwxr-xr-xsmoketest/scripts/cli/test_service_salt.py5
-rwxr-xr-xsrc/conf_mode/salt-minion.py7
4 files changed, 19 insertions, 2 deletions
diff --git a/data/templates/salt-minion/minion.j2 b/data/templates/salt-minion/minion.j2
index d9922ebe8..6940c0cde 100644
--- a/data/templates/salt-minion/minion.j2
+++ b/data/templates/salt-minion/minion.j2
@@ -57,5 +57,11 @@ id: {{ id }}
# The number of minutes between mine updates.
mine_interval: {{ interval }}
-verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }}
+{% if source_interface is vyos_defined %}
+# The name of the interface to use when establishing the connection to the Master.
+source_interface_name = {{ source_interface }}
+{% endif %}
+# Enables verification of the master-public-signature returned by the master
+# in auth-replies.
+verify_master_pubkey_sign: {{ 'True' if master_key is vyos_defined else 'False' }}
diff --git a/interface-definitions/salt-minion.xml.in b/interface-definitions/salt-minion.xml.in
index f8b4c4b89..c3219cff3 100644
--- a/interface-definitions/salt-minion.xml.in
+++ b/interface-definitions/salt-minion.xml.in
@@ -66,6 +66,7 @@
<help>URL with signature of master for auth reply verification</help>
</properties>
</leafNode>
+ #include <include/source-interface.xml.i>
</children>
</node>
</children>
diff --git a/smoketest/scripts/cli/test_service_salt.py b/smoketest/scripts/cli/test_service_salt.py
index bbeec7f7b..8a8ad093c 100755
--- a/smoketest/scripts/cli/test_service_salt.py
+++ b/smoketest/scripts/cli/test_service_salt.py
@@ -68,11 +68,13 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
hash = 'sha1'
id = 'foo'
interval = '120'
+ interface = 'eth0'
self.cli_set(base_path + ['master', server])
self.cli_set(base_path + ['hash', hash])
self.cli_set(base_path + ['id', id])
self.cli_set(base_path + ['interval', interval])
+ self.cli_set(base_path + ['source_interface', interface])
self.cli_commit()
@@ -84,7 +86,8 @@ class TestServiceSALT(VyOSUnitTestSHIM.TestCase):
self.assertIn(f'hash_type: {hash}', conf)
self.assertIn(f'id: {id}', conf)
self.assertIn(f'mine_interval: {interval}', conf)
- self.assertIn(f'id: {id}', conf)
+ self.assertIn(f'id: {interface}', conf)
+ self.assertIn(f'source_interface_name: {id}', conf)
if __name__ == '__main__':
unittest.main(verbosity=2)
diff --git a/src/conf_mode/salt-minion.py b/src/conf_mode/salt-minion.py
index 89df3b48a..d296bc202 100755
--- a/src/conf_mode/salt-minion.py
+++ b/src/conf_mode/salt-minion.py
@@ -25,6 +25,7 @@ from vyos.configdict import dict_merge
from vyos.template import render
from vyos.util import call
from vyos.util import chown
+from vyos.verify import verify_interface_exists
from vyos.xml import defaults
from vyos import ConfigError
@@ -66,6 +67,12 @@ def get_config(config=None):
return salt
def verify(salt):
+ if not salt:
+ return None
+
+ if 'source_interface' in salt:
+ verify_interface_exists(salt['source_interface'])
+
return None
def generate(salt):