diff options
| -rw-r--r-- | Makefile | 2 | ||||
| -rw-r--r-- | interface-definitions/interfaces_virtual-ethernet.xml.in | 4 | ||||
| m--------- | libvyosconfig | 0 | ||||
| -rw-r--r-- | smoketest/scripts/cli/base_interfaces_test.py | 2 | ||||
| -rwxr-xr-x | src/conf_mode/pki.py | 12 |
5 files changed, 16 insertions, 4 deletions
@@ -25,7 +25,7 @@ op_xml_obj = $(op_xml_src:.xml.in=.xml) .ONESHELL: libvyosconfig: if test ! -f $(LIBVYOSCONFIG_BUILD_PATH); then - if ! echo $(firstword $(LIBVYOSCONFIG_STATUS))|grep -Eq '^[0-9]'; then + if ! echo $(firstword $(LIBVYOSCONFIG_STATUS))|grep -Eq '^[a-z0-9]'; then git submodule sync; git submodule update --init --remote fi rm -rf /tmp/libvyosconfig && mkdir /tmp/libvyosconfig diff --git a/interface-definitions/interfaces_virtual-ethernet.xml.in b/interface-definitions/interfaces_virtual-ethernet.xml.in index c4610feec..2dfbd50b8 100644 --- a/interface-definitions/interfaces_virtual-ethernet.xml.in +++ b/interface-definitions/interfaces_virtual-ethernet.xml.in @@ -21,6 +21,10 @@ #include <include/interface/dhcp-options.xml.i> #include <include/interface/dhcpv6-options.xml.i> #include <include/interface/disable.xml.i> + #include <include/interface/mtu-68-16000.xml.i> + <leafNode name="mtu"> + <defaultValue>1500</defaultValue> + </leafNode> #include <include/interface/netns.xml.i> #include <include/interface/vif-s.xml.i> #include <include/interface/vif.xml.i> diff --git a/libvyosconfig b/libvyosconfig -Subproject 27e4b0a5eaf77d9a1f5e1f6dcaa109e5d73c51d +Subproject 74d884d7f383aa570fa00b7f3b222ea8b18bb45 diff --git a/smoketest/scripts/cli/base_interfaces_test.py b/smoketest/scripts/cli/base_interfaces_test.py index 80d200e97..a9b758802 100644 --- a/smoketest/scripts/cli/base_interfaces_test.py +++ b/smoketest/scripts/cli/base_interfaces_test.py @@ -613,7 +613,7 @@ class BasicInterfaceTest: def test_mtu_1200_no_ipv6_interface(self): # Testcase if MTU can be changed to 1200 on non IPv6 # enabled interfaces - if not self._test_mtu: + if not self._test_mtu or not self._test_ipv6: self.skipTest('not supported') old_mtu = self._mtu diff --git a/src/conf_mode/pki.py b/src/conf_mode/pki.py index acea2c9be..724f97555 100755 --- a/src/conf_mode/pki.py +++ b/src/conf_mode/pki.py @@ -440,13 +440,21 @@ def generate(pki): for name, cert_conf in pki['certificate'].items(): if 'acme' in cert_conf: certbot_list.append(name) - # generate certificate if not found on disk + # There is no ACME/certbot managed certificate presend on the + # system, generate it if name not in certbot_list_on_disk: certbot_request(name, cert_conf['acme'], dry_run=False) + # Now that the certificate was properly generated we have + # the PEM files on disk. We need to add the certificate to + # certbot_list_on_disk to automatically import the CA chain + certbot_list_on_disk.append(name) + # We alredy had an ACME managed certificate on the system, but + # something changed in the configuration elif changed_certificates != None and name in changed_certificates: - # when something for the certificate changed, we should delete it + # Delete old ACME certificate first if name in certbot_list_on_disk: certbot_delete(name) + # Request new certificate via certbot certbot_request(name, cert_conf['acme'], dry_run=False) # Cleanup certbot configuration and certificates if no longer in use by CLI |