summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/bcast_relay.py2
-rwxr-xr-xsrc/conf_mode/dns_forwarding.py4
-rwxr-xr-xsrc/conf_mode/dynamic_dns.py4
-rwxr-xr-xsrc/conf_mode/https.py2
-rwxr-xr-xsrc/conf_mode/igmp_proxy.py3
-rwxr-xr-xsrc/conf_mode/interfaces-openvpn.py7
-rwxr-xr-xsrc/conf_mode/interfaces-pppoe.py22
-rwxr-xr-xsrc/conf_mode/interfaces-wireless.py6
-rwxr-xr-xsrc/conf_mode/interfaces-wirelessmodem.py10
-rwxr-xr-xsrc/conf_mode/ipsec-settings.py8
-rwxr-xr-xsrc/conf_mode/nat.py3
-rwxr-xr-xsrc/conf_mode/ntp.py4
-rwxr-xr-xsrc/conf_mode/protocols_bgp.py6
-rwxr-xr-xsrc/conf_mode/protocols_isis.py4
-rwxr-xr-xsrc/conf_mode/protocols_mpls.py3
-rwxr-xr-xsrc/conf_mode/service_ids_fastnetmon.py6
-rwxr-xr-xsrc/conf_mode/service_ipoe-server.py2
-rwxr-xr-xsrc/conf_mode/service_pppoe-server.py4
-rwxr-xr-xsrc/conf_mode/service_router-advert.py2
-rwxr-xr-xsrc/conf_mode/ssh.py4
-rwxr-xr-xsrc/conf_mode/system-login.py2
-rwxr-xr-xsrc/conf_mode/system-option.py4
-rwxr-xr-xsrc/conf_mode/system-syslog.py4
-rwxr-xr-xsrc/conf_mode/system_lcd.py4
-rwxr-xr-xsrc/conf_mode/tftp_server.py2
-rwxr-xr-xsrc/conf_mode/vpn_l2tp.py2
-rwxr-xr-xsrc/conf_mode/vpn_openconnect.py17
-rwxr-xr-xsrc/conf_mode/vpn_pptp.py4
-rwxr-xr-xsrc/conf_mode/vpn_sstp.py4
29 files changed, 74 insertions, 75 deletions
diff --git a/src/conf_mode/bcast_relay.py b/src/conf_mode/bcast_relay.py
index 78daeb6be..d93a2a8f4 100755
--- a/src/conf_mode/bcast_relay.py
+++ b/src/conf_mode/bcast_relay.py
@@ -79,7 +79,7 @@ def generate(relay):
config['instance'] = instance
render(config_file_base + instance, 'bcast-relay/udp-broadcast-relay.tmpl',
- config, trim_blocks=True)
+ config)
return None
diff --git a/src/conf_mode/dns_forwarding.py b/src/conf_mode/dns_forwarding.py
index ef52cbfd3..c44e6c974 100755
--- a/src/conf_mode/dns_forwarding.py
+++ b/src/conf_mode/dns_forwarding.py
@@ -114,10 +114,10 @@ def generate(dns):
return None
render(pdns_rec_config_file, 'dns-forwarding/recursor.conf.tmpl',
- dns, trim_blocks=True, user=pdns_rec_user, group=pdns_rec_group)
+ dns, user=pdns_rec_user, group=pdns_rec_group)
render(pdns_rec_lua_conf_file, 'dns-forwarding/recursor.conf.lua.tmpl',
- dns, trim_blocks=True, user=pdns_rec_user, group=pdns_rec_group)
+ dns, user=pdns_rec_user, group=pdns_rec_group)
# if vyos-hostsd didn't create its files yet, create them (empty)
for file in [pdns_rec_hostsd_lua_conf_file, pdns_rec_hostsd_zones_file]:
diff --git a/src/conf_mode/dynamic_dns.py b/src/conf_mode/dynamic_dns.py
index 93e995b78..6d39c6644 100755
--- a/src/conf_mode/dynamic_dns.py
+++ b/src/conf_mode/dynamic_dns.py
@@ -131,7 +131,9 @@ def generate(dyndns):
if not dyndns:
return None
- render(config_file, 'dynamic-dns/ddclient.conf.tmpl', dyndns, trim_blocks=True, permission=0o600)
+ render(config_file, 'dynamic-dns/ddclient.conf.tmpl', dyndns,
+ permission=0o600)
+
return None
def apply(dyndns):
diff --git a/src/conf_mode/https.py b/src/conf_mode/https.py
index de228f0f8..a6e2d9c8c 100755
--- a/src/conf_mode/https.py
+++ b/src/conf_mode/https.py
@@ -159,7 +159,7 @@ def generate(https):
if 'server_block_list' not in https or not https['server_block_list']:
https['server_block_list'] = [default_server_block]
- render(config_file, 'https/nginx.default.tmpl', https, trim_blocks=True)
+ render(config_file, 'https/nginx.default.tmpl', https)
return None
diff --git a/src/conf_mode/igmp_proxy.py b/src/conf_mode/igmp_proxy.py
index 90f3f30a8..fb030c9f3 100755
--- a/src/conf_mode/igmp_proxy.py
+++ b/src/conf_mode/igmp_proxy.py
@@ -95,8 +95,7 @@ def generate(igmp_proxy):
print('WARNING: IGMP Proxy will be deactivated because it is disabled')
return None
- render(config_file, 'igmp-proxy/igmpproxy.conf.tmpl', igmp_proxy,
- trim_blocks=True)
+ render(config_file, 'igmp-proxy/igmpproxy.conf.tmpl', igmp_proxy)
return None
diff --git a/src/conf_mode/interfaces-openvpn.py b/src/conf_mode/interfaces-openvpn.py
index 0e661c84b..25920f893 100755
--- a/src/conf_mode/interfaces-openvpn.py
+++ b/src/conf_mode/interfaces-openvpn.py
@@ -467,7 +467,7 @@ def generate(openvpn):
# Generate User/Password authentication file
if 'authentication' in openvpn:
render(openvpn['auth_user_pass_file'], 'openvpn/auth.pw.tmpl', openvpn,
- trim_blocks=True, user=user, group=group, permission=0o600)
+ user=user, group=group, permission=0o600)
else:
# delete old auth file if present
if os.path.isfile(openvpn['auth_user_pass_file']):
@@ -482,13 +482,12 @@ def generate(openvpn):
client_config['server_subnet'] = dict_search('server.subnet', openvpn)
render(client_file, 'openvpn/client.conf.tmpl', client_config,
- trim_blocks=True, user=user, group=group)
+ user=user, group=group)
# we need to support quoting of raw parameters from OpenVPN CLI
# see https://phabricator.vyos.net/T1632
render(cfg_file.format(**openvpn), 'openvpn/server.conf.tmpl', openvpn,
- trim_blocks=True, formater=lambda _: _.replace(""", '"'),
- user=user, group=group)
+ formater=lambda _: _.replace(""", '"'), user=user, group=group)
# Fixup file permissions
for file in fix_permissions:
diff --git a/src/conf_mode/interfaces-pppoe.py b/src/conf_mode/interfaces-pppoe.py
index ee3b142c8..c31e49574 100755
--- a/src/conf_mode/interfaces-pppoe.py
+++ b/src/conf_mode/interfaces-pppoe.py
@@ -93,25 +93,25 @@ def generate(pppoe):
return None
# Create PPP configuration files
- render(config_pppoe, 'pppoe/peer.tmpl',
- pppoe, trim_blocks=True, permission=0o755)
+ render(config_pppoe, 'pppoe/peer.tmpl', pppoe, permission=0o755)
+
# Create script for ip-pre-up.d
- render(script_pppoe_pre_up, 'pppoe/ip-pre-up.script.tmpl',
- pppoe, trim_blocks=True, permission=0o755)
+ render(script_pppoe_pre_up, 'pppoe/ip-pre-up.script.tmpl', pppoe,
+ permission=0o755)
# Create script for ip-up.d
- render(script_pppoe_ip_up, 'pppoe/ip-up.script.tmpl',
- pppoe, trim_blocks=True, permission=0o755)
+ render(script_pppoe_ip_up, 'pppoe/ip-up.script.tmpl', pppoe,
+ permission=0o755)
# Create script for ip-down.d
- render(script_pppoe_ip_down, 'pppoe/ip-down.script.tmpl',
- pppoe, trim_blocks=True, permission=0o755)
+ render(script_pppoe_ip_down, 'pppoe/ip-down.script.tmpl', pppoe,
+ permission=0o755)
# Create script for ipv6-up.d
- render(script_pppoe_ipv6_up, 'pppoe/ipv6-up.script.tmpl',
- pppoe, trim_blocks=True, permission=0o755)
+ render(script_pppoe_ipv6_up, 'pppoe/ipv6-up.script.tmpl', pppoe,
+ permission=0o755)
if 'dhcpv6_options' in pppoe and 'pd' in pppoe['dhcpv6_options']:
# ipv6.tmpl relies on ifname - this should be made consitent in the
# future better then double key-ing the same value
- render(config_wide_dhcp6c, 'dhcp-client/ipv6.tmpl', pppoe, trim_blocks=True)
+ render(config_wide_dhcp6c, 'dhcp-client/ipv6.tmpl', pppoe)
return None
diff --git a/src/conf_mode/interfaces-wireless.py b/src/conf_mode/interfaces-wireless.py
index d302c7df7..b25fcd4e0 100755
--- a/src/conf_mode/interfaces-wireless.py
+++ b/src/conf_mode/interfaces-wireless.py
@@ -241,10 +241,12 @@ def generate(wifi):
# render appropriate new config files depending on access-point or station mode
if wifi['type'] == 'access-point':
- render(hostapd_conf.format(**wifi), 'wifi/hostapd.conf.tmpl', wifi, trim_blocks=True)
+ render(hostapd_conf.format(**wifi), 'wifi/hostapd.conf.tmpl',
+ wifi)
elif wifi['type'] == 'station':
- render(wpa_suppl_conf.format(**wifi), 'wifi/wpa_supplicant.conf.tmpl', wifi, trim_blocks=True)
+ render(wpa_suppl_conf.format(**wifi), 'wifi/wpa_supplicant.conf.tmpl',
+ wifi)
return None
diff --git a/src/conf_mode/interfaces-wirelessmodem.py b/src/conf_mode/interfaces-wirelessmodem.py
index bce3405d0..976953b31 100755
--- a/src/conf_mode/interfaces-wirelessmodem.py
+++ b/src/conf_mode/interfaces-wirelessmodem.py
@@ -91,21 +91,21 @@ def generate(wwan):
wwan['device'] = find_device_file(wwan['device'])
# Create PPP configuration files
- render(config_wwan, 'wwan/peer.tmpl', wwan, trim_blocks=True)
+ render(config_wwan, 'wwan/peer.tmpl', wwan)
# Create PPP chat script
- render(config_wwan_chat, 'wwan/chat.tmpl', wwan, trim_blocks=True)
+ render(config_wwan_chat, 'wwan/chat.tmpl', wwan)
# generated script file must be executable
# Create script for ip-pre-up.d
render(script_wwan_pre_up, 'wwan/ip-pre-up.script.tmpl',
- wwan, trim_blocks=True, permission=0o755)
+ wwan, permission=0o755)
# Create script for ip-up.d
render(script_wwan_ip_up, 'wwan/ip-up.script.tmpl',
- wwan, trim_blocks=True, permission=0o755)
+ wwan, permission=0o755)
# Create script for ip-down.d
render(script_wwan_ip_down, 'wwan/ip-down.script.tmpl',
- wwan, trim_blocks=True, permission=0o755)
+ wwan, permission=0o755)
return None
diff --git a/src/conf_mode/ipsec-settings.py b/src/conf_mode/ipsec-settings.py
index 11a5b7aaa..a65e8b567 100755
--- a/src/conf_mode/ipsec-settings.py
+++ b/src/conf_mode/ipsec-settings.py
@@ -170,12 +170,12 @@ def verify(data):
raise ConfigError("L2TP VPN configuration error: \"vpn ipsec ipsec-interfaces\" must be specified.")
def generate(data):
- render(charon_conf_file, 'ipsec/charon.tmpl', data, trim_blocks=True)
+ render(charon_conf_file, 'ipsec/charon.tmpl', data)
if data["ipsec_l2tp"]:
remove_confs(delim_ipsec_l2tp_begin, delim_ipsec_l2tp_end, ipsec_secrets_file)
# old_umask = os.umask(0o077)
- # render(ipsec_secrets_file, 'ipsec/ipsec.secrets.tmpl', data, trim_blocks=True)
+ # render(ipsec_secrets_file, 'ipsec/ipsec.secrets.tmpl', data)
# os.umask(old_umask)
## Use this method while IPSec CLI handler won't be overwritten to python
write_ipsec_secrets(data)
@@ -186,12 +186,12 @@ def generate(data):
if not os.path.exists(ipsec_ra_conn_dir):
os.makedirs(ipsec_ra_conn_dir)
- render(ipsec_ra_conn_file, 'ipsec/remote-access.tmpl', data, trim_blocks=True)
+ render(ipsec_ra_conn_file, 'ipsec/remote-access.tmpl', data)
os.umask(old_umask)
remove_confs(delim_ipsec_l2tp_begin, delim_ipsec_l2tp_end, ipsec_conf_file)
# old_umask = os.umask(0o077)
- # render(ipsec_conf_file, 'ipsec/ipsec.conf.tmpl', data, trim_blocks=True)
+ # render(ipsec_conf_file, 'ipsec/ipsec.conf.tmpl', data)
# os.umask(old_umask)
## Use this method while IPSec CLI handler won't be overwritten to python
write_ipsec_conf(data)
diff --git a/src/conf_mode/nat.py b/src/conf_mode/nat.py
index b66cd370a..b467f3d74 100755
--- a/src/conf_mode/nat.py
+++ b/src/conf_mode/nat.py
@@ -268,7 +268,8 @@ def verify(nat):
return None
def generate(nat):
- render(iptables_nat_config, 'firewall/nftables-nat.tmpl', nat, trim_blocks=True, permission=0o755)
+ render(iptables_nat_config, 'firewall/nftables-nat.tmpl', nat,
+ permission=0o755)
return None
def apply(nat):
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index d6453ec83..b102b3e9e 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -53,8 +53,8 @@ def generate(ntp):
if not ntp:
return None
- render(config_file, 'ntp/ntp.conf.tmpl', ntp, trim_blocks=True)
- render(systemd_override, 'ntp/override.conf.tmpl', ntp, trim_blocks=True)
+ render(config_file, 'ntp/ntp.conf.tmpl', ntp)
+ render(systemd_override, 'ntp/override.conf.tmpl', ntp)
return None
diff --git a/src/conf_mode/protocols_bgp.py b/src/conf_mode/protocols_bgp.py
index 981ff9fe9..642738b09 100755
--- a/src/conf_mode/protocols_bgp.py
+++ b/src/conf_mode/protocols_bgp.py
@@ -80,10 +80,8 @@ def generate(bgp):
bgp[asn]['asn'] = asn
# render(config) not needed, its only for debug
- render(config_file, 'frr/bgp.frr.tmpl', bgp[asn], trim_blocks=True)
-
- bgp['new_frr_config'] = render_to_string('frr/bgp.frr.tmpl', bgp[asn],
- trim_blocks=True)
+ render(config_file, 'frr/bgp.frr.tmpl', bgp[asn])
+ bgp['new_frr_config'] = render_to_string('frr/bgp.frr.tmpl', bgp[asn])
return None
diff --git a/src/conf_mode/protocols_isis.py b/src/conf_mode/protocols_isis.py
index 03e11c6c4..df03fd990 100755
--- a/src/conf_mode/protocols_isis.py
+++ b/src/conf_mode/protocols_isis.py
@@ -107,10 +107,10 @@ def generate(isis):
isis[process]['process'] = process
# render(config) not needed, its only for debug
- render(config_file, 'frr/isis.frr.tmpl', isis[process], trim_blocks=True)
+ render(config_file, 'frr/isis.frr.tmpl', isis[process])
isis['new_frr_config'] = render_to_string('frr/isis.frr.tmpl',
- isis[process], trim_blocks=True)
+ isis[process])
return None
diff --git a/src/conf_mode/protocols_mpls.py b/src/conf_mode/protocols_mpls.py
index da298325c..791b18110 100755
--- a/src/conf_mode/protocols_mpls.py
+++ b/src/conf_mode/protocols_mpls.py
@@ -68,8 +68,7 @@ def generate(mpls):
mpls['new_frr_config'] = ''
return None
- mpls['new_frr_config'] = render_to_string('frr/ldpd.frr.tmpl', mpls,
- trim_blocks=True)
+ mpls['new_frr_config'] = render_to_string('frr/ldpd.frr.tmpl', mpls)
return None
def apply(mpls):
diff --git a/src/conf_mode/service_ids_fastnetmon.py b/src/conf_mode/service_ids_fastnetmon.py
index 27d0ee60c..67edeb630 100755
--- a/src/conf_mode/service_ids_fastnetmon.py
+++ b/src/conf_mode/service_ids_fastnetmon.py
@@ -56,7 +56,7 @@ def verify(fastnetmon):
if not os.access(fastnetmon["alert_script"], os.X_OK):
raise ConfigError('Script {0} does not have permissions for execution'.format(fastnetmon["alert_script"]))
else:
- raise ConfigError('File {0} does not exists!'.format(fastnetmon["alert_script"]))
+ raise ConfigError('File {0} does not exists!'.format(fastnetmon["alert_script"]))
def generate(fastnetmon):
if not fastnetmon:
@@ -67,8 +67,8 @@ def generate(fastnetmon):
return
- render(config_file, 'ids/fastnetmon.tmpl', fastnetmon, trim_blocks=True)
- render(networks_list, 'ids/fastnetmon_networks_list.tmpl', fastnetmon, trim_blocks=True)
+ render(config_file, 'ids/fastnetmon.tmpl', fastnetmon)
+ render(networks_list, 'ids/fastnetmon_networks_list.tmpl', fastnetmon)
return None
diff --git a/src/conf_mode/service_ipoe-server.py b/src/conf_mode/service_ipoe-server.py
index 68c554360..f676fdbbe 100755
--- a/src/conf_mode/service_ipoe-server.py
+++ b/src/conf_mode/service_ipoe-server.py
@@ -283,7 +283,7 @@ def generate(ipoe):
if not ipoe:
return None
- render(ipoe_conf, 'accel-ppp/ipoe.config.tmpl', ipoe, trim_blocks=True)
+ render(ipoe_conf, 'accel-ppp/ipoe.config.tmpl', ipoe)
if ipoe['auth_mode'] == 'local':
render(ipoe_chap_secrets, 'accel-ppp/chap-secrets.ipoe.tmpl', ipoe)
diff --git a/src/conf_mode/service_pppoe-server.py b/src/conf_mode/service_pppoe-server.py
index 2260b3fe1..9fbd531da 100755
--- a/src/conf_mode/service_pppoe-server.py
+++ b/src/conf_mode/service_pppoe-server.py
@@ -73,11 +73,11 @@ def generate(pppoe):
if not pppoe:
return None
- render(pppoe_conf, 'accel-ppp/pppoe.config.tmpl', pppoe, trim_blocks=True)
+ render(pppoe_conf, 'accel-ppp/pppoe.config.tmpl', pppoe)
if dict_search('authentication.mode', pppoe) == 'local':
render(pppoe_chap_secrets, 'accel-ppp/chap-secrets.config_dict.tmpl',
- pppoe, trim_blocks=True, permission=0o640)
+ pppoe, permission=0o640)
else:
if os.path.exists(pppoe_chap_secrets):
os.unlink(pppoe_chap_secrets)
diff --git a/src/conf_mode/service_router-advert.py b/src/conf_mode/service_router-advert.py
index 687d7068f..65eb11ce3 100755
--- a/src/conf_mode/service_router-advert.py
+++ b/src/conf_mode/service_router-advert.py
@@ -93,7 +93,7 @@ def generate(rtradv):
if not rtradv:
return None
- render(config_file, 'router-advert/radvd.conf.tmpl', rtradv, trim_blocks=True, permission=0o644)
+ render(config_file, 'router-advert/radvd.conf.tmpl', rtradv, permission=0o644)
return None
def apply(rtradv):
diff --git a/src/conf_mode/ssh.py b/src/conf_mode/ssh.py
index e07745963..8f99053d2 100755
--- a/src/conf_mode/ssh.py
+++ b/src/conf_mode/ssh.py
@@ -66,8 +66,8 @@ def generate(ssh):
return None
- render(config_file, 'ssh/sshd_config.tmpl', ssh, trim_blocks=True)
- render(systemd_override, 'ssh/override.conf.tmpl', ssh, trim_blocks=True)
+ render(config_file, 'ssh/sshd_config.tmpl', ssh)
+ render(systemd_override, 'ssh/override.conf.tmpl', ssh)
return None
diff --git a/src/conf_mode/system-login.py b/src/conf_mode/system-login.py
index 2c0bbd4f7..39bad717d 100755
--- a/src/conf_mode/system-login.py
+++ b/src/conf_mode/system-login.py
@@ -256,7 +256,7 @@ def generate(login):
if len(login['radius_server']) > 0:
render(radius_config_file, 'system-login/pam_radius_auth.conf.tmpl',
- login, trim_blocks=True)
+ login)
uid = getpwnam('root').pw_uid
gid = getpwnam('root').pw_gid
diff --git a/src/conf_mode/system-option.py b/src/conf_mode/system-option.py
index 2376e5d44..447c97a78 100755
--- a/src/conf_mode/system-option.py
+++ b/src/conf_mode/system-option.py
@@ -73,8 +73,8 @@ def verify(options):
return None
def generate(options):
- render(curlrc_config, 'system/curlrc.tmpl', options, trim_blocks=True)
- render(ssh_config, 'system/ssh_config.tmpl', options, trim_blocks=True)
+ render(curlrc_config, 'system/curlrc.tmpl', options)
+ render(ssh_config, 'system/ssh_config.tmpl', options)
return None
def apply(options):
diff --git a/src/conf_mode/system-syslog.py b/src/conf_mode/system-syslog.py
index b1daf7a82..3d8a51cd8 100755
--- a/src/conf_mode/system-syslog.py
+++ b/src/conf_mode/system-syslog.py
@@ -203,12 +203,12 @@ def generate(c):
return None
conf = '/etc/rsyslog.d/vyos-rsyslog.conf'
- render(conf, 'syslog/rsyslog.conf.tmpl', c, trim_blocks=True)
+ render(conf, 'syslog/rsyslog.conf.tmpl', c)
# eventually write for each file its own logrotate file, since size is
# defined it shouldn't matter
conf = '/etc/logrotate.d/vyos-rsyslog'
- render(conf, 'syslog/logrotate.tmpl', c, trim_blocks=True)
+ render(conf, 'syslog/logrotate.tmpl', c)
def verify(c):
diff --git a/src/conf_mode/system_lcd.py b/src/conf_mode/system_lcd.py
index a540d1b9e..b5ce32beb 100755
--- a/src/conf_mode/system_lcd.py
+++ b/src/conf_mode/system_lcd.py
@@ -61,9 +61,9 @@ def generate(lcd):
lcd['device'] = find_device_file(lcd['device'])
# Render config file for daemon LCDd
- render(lcdd_conf, 'lcd/LCDd.conf.tmpl', lcd, trim_blocks=True)
+ render(lcdd_conf, 'lcd/LCDd.conf.tmpl', lcd)
# Render config file for client lcdproc
- render(lcdproc_conf, 'lcd/lcdproc.conf.tmpl', lcd, trim_blocks=True)
+ render(lcdproc_conf, 'lcd/lcdproc.conf.tmpl', lcd)
return None
diff --git a/src/conf_mode/tftp_server.py b/src/conf_mode/tftp_server.py
index 56e195b6a..2409eec1f 100755
--- a/src/conf_mode/tftp_server.py
+++ b/src/conf_mode/tftp_server.py
@@ -92,7 +92,7 @@ def generate(tftpd):
config['listen_address'] = f'[{address}]:{port} -6'
file = config_file + str(idx)
- render(file, 'tftp-server/default.tmpl', config, trim_blocks=True)
+ render(file, 'tftp-server/default.tmpl', config)
idx = idx + 1
return None
diff --git a/src/conf_mode/vpn_l2tp.py b/src/conf_mode/vpn_l2tp.py
index 80eb8daf2..e970d2ef5 100755
--- a/src/conf_mode/vpn_l2tp.py
+++ b/src/conf_mode/vpn_l2tp.py
@@ -357,7 +357,7 @@ def generate(l2tp):
if not l2tp:
return None
- render(l2tp_conf, 'accel-ppp/l2tp.config.tmpl', l2tp, trim_blocks=True)
+ render(l2tp_conf, 'accel-ppp/l2tp.config.tmpl', l2tp)
if l2tp['auth_mode'] == 'local':
render(l2tp_chap_secrets, 'accel-ppp/chap-secrets.tmpl', l2tp)
diff --git a/src/conf_mode/vpn_openconnect.py b/src/conf_mode/vpn_openconnect.py
index af8604972..b2aa13c0d 100755
--- a/src/conf_mode/vpn_openconnect.py
+++ b/src/conf_mode/vpn_openconnect.py
@@ -34,12 +34,10 @@ ocserv_passwd = cfg_dir + '/ocpasswd'
radius_cfg = cfg_dir + '/radiusclient.conf'
radius_servers = cfg_dir + '/radius_servers'
-
# Generate hash from user cleartext password
def get_hash(password):
return crypt(password, mksalt(METHOD_SHA512))
-
def get_config():
conf = Config()
base = ['vpn', 'openconnect']
@@ -47,10 +45,12 @@ def get_config():
return None
ocserv = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True)
+ # We have gathered the dict representation of the CLI, but there are default
+ # options which we need to update into the dictionary retrived.
default_values = defaults(base)
ocserv = dict_merge(default_values, ocserv)
- return ocserv
+ return ocserv
def verify(ocserv):
if ocserv is None:
@@ -88,7 +88,7 @@ def verify(ocserv):
ocserv["network_settings"]["push_route"].remove("0.0.0.0/0")
ocserv["network_settings"]["push_route"].append("default")
else:
- ocserv["network_settings"]["push_route"] = "default"
+ ocserv["network_settings"]["push_route"] = "default"
else:
raise ConfigError('openconnect network settings required')
@@ -99,19 +99,18 @@ def generate(ocserv):
if "radius" in ocserv["authentication"]["mode"]:
# Render radius client configuration
- render(radius_cfg, 'ocserv/radius_conf.tmpl', ocserv["authentication"]["radius"], trim_blocks=True)
+ render(radius_cfg, 'ocserv/radius_conf.tmpl', ocserv["authentication"]["radius"])
# Render radius servers
- render(radius_servers, 'ocserv/radius_servers.tmpl', ocserv["authentication"]["radius"], trim_blocks=True)
+ render(radius_servers, 'ocserv/radius_servers.tmpl', ocserv["authentication"]["radius"])
else:
if "local_users" in ocserv["authentication"]:
for user in ocserv["authentication"]["local_users"]["username"]:
ocserv["authentication"]["local_users"]["username"][user]["hash"] = get_hash(ocserv["authentication"]["local_users"]["username"][user]["password"])
# Render local users
- render(ocserv_passwd, 'ocserv/ocserv_passwd.tmpl', ocserv["authentication"]["local_users"], trim_blocks=True)
+ render(ocserv_passwd, 'ocserv/ocserv_passwd.tmpl', ocserv["authentication"]["local_users"])
# Render config
- render(ocserv_conf, 'ocserv/ocserv_config.tmpl', ocserv, trim_blocks=True)
-
+ render(ocserv_conf, 'ocserv/ocserv_config.tmpl', ocserv)
def apply(ocserv):
diff --git a/src/conf_mode/vpn_pptp.py b/src/conf_mode/vpn_pptp.py
index 3125ee9d0..30abe4782 100755
--- a/src/conf_mode/vpn_pptp.py
+++ b/src/conf_mode/vpn_pptp.py
@@ -264,10 +264,10 @@ def generate(pptp):
if not pptp:
return None
- render(pptp_conf, 'accel-ppp/pptp.config.tmpl', pptp, trim_blocks=True)
+ render(pptp_conf, 'accel-ppp/pptp.config.tmpl', pptp)
if pptp['local_users']:
- render(pptp_chap_secrets, 'accel-ppp/chap-secrets.tmpl', pptp, trim_blocks=True)
+ render(pptp_chap_secrets, 'accel-ppp/chap-secrets.tmpl', pptp)
os.chmod(pptp_chap_secrets, S_IRUSR | S_IWUSR | S_IRGRP)
else:
if os.path.exists(pptp_chap_secrets):
diff --git a/src/conf_mode/vpn_sstp.py b/src/conf_mode/vpn_sstp.py
index 1b2b80ce5..47367f125 100755
--- a/src/conf_mode/vpn_sstp.py
+++ b/src/conf_mode/vpn_sstp.py
@@ -82,11 +82,11 @@ def generate(sstp):
return None
# accel-cmd reload doesn't work so any change results in a restart of the daemon
- render(sstp_conf, 'accel-ppp/sstp.config.tmpl', sstp, trim_blocks=True)
+ render(sstp_conf, 'accel-ppp/sstp.config.tmpl', sstp)
if dict_search('authentication.mode', sstp) == 'local':
render(sstp_chap_secrets, 'accel-ppp/chap-secrets.config_dict.tmpl',
- sstp, trim_blocks=True, permission=0o640)
+ sstp, permission=0o640)
else:
if os.path.exists(sstp_chap_secrets):
os.unlink(sstp_chap_secrets)