summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2021-08-23container: T2216: bugfix ValueError when assembling volumesChristian Poessinger
A call to .items() was missing that triggered the following error: ValueError: too many values to unpack (expected 2)
2021-08-23container: T2216: no need to query container statusChristian Poessinger
As VyOS CLI is the only truth for dealing with containers we do not need to query if a container is running, exists or what so ever. We simply always restart it if something changes and do not rely on the underlaying Linux status. If a users does container stuff under the hood - it will be overridden.
2021-08-23container: T2216: name of container must be alphanumeric and can contain a ↵Christian Poessinger
hyphen
2021-08-23ipsec: T1210: use ConfigTreeQuery() instead of Config() from op-modeChristian Poessinger
2021-08-23pki: T3642: use ConfigTreeQuery() instead of Config() from op-modeChristian Poessinger
2021-08-23container: T2216: op-mode now supports updating the image for a given containerChristian Poessinger
2021-08-23container: T2216: increase sysctl inotify watchersChristian Poessinger
2021-08-23containers: T2216: restructure container_base_cmd to have image name at the endChristian Poessinger
2021-08-23containers: T2216: add CLI commands to specify restart behavior and memory usageChristian Poessinger
A container is limited to 256MB memory by default and will always restart on failure.
2021-08-23containers: T2216: xml: impove help string for address commandChristian Poessinger
2021-08-23containers: T2216: add environmnet variable constraintChristian Poessinger
An environment variable passed to podman can only consist out of alphanumeric characters, a hypend and an underscore.
2021-08-23container: T2216: add completion helper for "delete container image"Christian Poessinger
2021-08-23containers: T2216: add missing verify() step on environment variablesChristian Poessinger
A environment variable MUST always have a value specified. Non existing values will cause the following error: Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/containers.py", line 269, in <module> apply(c) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in apply env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) File "/usr/libexec/vyos/conf_mode/containers.py", line 224, in <genexpr> env_opt += " -e ".join(f"{k}={v['value']}" for k, v in container_config['environment'].items()) KeyError: 'value'
2021-08-22Makefile: T3165: do not allow empty node.def files for op-mode commandsChristian Poessinger
Commit 99440fc0 ("Makefile: fix logic to detect empty "node.def" files") disabled the detection of empty node.def files for op-mode commands. The generation of a duplicate and thus empty node.def file is not prohibited by commit 17b5ac14 ("T3165: op-mode: prevent override of populated node.def file with empty content") and thus the check is re-enabled!
2021-08-22logChristian Poessinger
2021-08-22xml: op-mode: add missing help test for "reset openvpn" commandChristian Poessinger
2021-08-22xml: op-mode: add missing help test for "monitor protocol ospf" commandsChristian Poessinger
2021-08-22xml: op-mode: remove multiple "Reset a service" help definitionsChristian Poessinger
That nasty workaround to always specify the same value for the node.def file as the help text is no longer necessary after commit 17b5ac14 ("T3165: op-mode: prevent override of populated node.def file with empty content". The redundant definitions are no longer necessary.
2021-08-22container: op-mode: T3765: add "show log container" commandChristian Poessinger
2021-08-22T3165: op-mode: prevent override of populated node.def file with empty contentChristian Poessinger
This is an extension to commit b4fdcebe ("T3165: prevent override of populated node.def file with empty content") which implemented the same thing for the configuration mode commands.
2021-08-22scripts: op-mode: use Python 'f'ormat strings on debug messagesChristian Poessinger
2021-08-22ipsec: T2816: l2tp ipsec VPN must be started after strongSwanChristian Poessinger
2021-08-22container: op-mode: T3765: add "restart container" commandChristian Poessinger
2021-08-22container: op-mode: T3765: move "connect container" command to ↵Christian Poessinger
container.xml.in file
2021-08-22container: op-mode: T3765: add "connect container mysql-server" commandChristian Poessinger
2021-08-22ipsec: T1210: op-mode command for Windows has no "profile" optionChristian Poessinger
2021-08-22l2tp: Jinja2 add trailing newlineChristian Poessinger
2021-08-22smoketest: pppoes: adjust testcase to vyos.ifconfig.interface migrationChristian Poessinger
Now that the PPPoE interface also makes use of the vyos.ifconfig.interface class, we need to adjust the smoketests to reflect all those changes. TODO: Start a local PPPoE server in a namespace and connect locally for deeper testing.
2021-08-22pppoe: T1318: set source interface next to rp-pppoe.so plugin in peer templateChristian Poessinger
2021-08-22pppoe: T3641: set "noipv6" if IPv6 is not configured in newer pppd versionChristian Poessinger
2021-08-21vyos.configverify: use build-in functions for verify_interface_exists()Christian Poessinger
2021-08-21pppoe: T1318: bump priority by 1 so we can source from pseudo-ethernet ↵Christian Poessinger
interfaces
2021-08-21pppoe: T1318: implement missing access-concentrator CLI optionChristian Poessinger
2021-08-21vyos.configdict: leaf_node_changed() must return empty dict when node is addedChristian Poessinger
vyos@vyos# show interfaces pppoe pppoe pppoe10 { + access-concentrator asdfg authentication { password bar user foo } default-route force no-peer-dns source-interface eth0.202 } vyos@vyos# python3 Python 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110] on linux Type "help", "copyright", "credits" or "license" for more information. >>> from vyos.config import Config >>> from vyos.configdict import get_interface_dict >>> from vyos.configdict import leaf_node_changed >>> conf = Config() >>> base = ['interfaces', 'pppoe'] >>> tmp = get_interface_dict(conf, base, 'pppoe10') >>> leaf_node_changed(conf, ['access-concentrator']) >>> ['']
2021-08-21pppoe: T3090: migrate to vyos.ifconfig library to use the full potentialChristian Poessinger
Now that MSS clamping is done on the "per-interface" level the entire PPPoE stuff would have needed to get a full copy in GNU BASH for this or, participate in the common library. Add a new PPP ip-up script named 99-vyos-pppoe-callback which will call the vyos.ifconfig.PPPoEIf.update() function to configure everything as done with all other interfaces. This removes duplicated code for VRF assignment and route installation when a PPPoE interface is brought up or down.
2021-08-21pppoe: T3090: support forward disable on a PPPoE linkChristian Poessinger
2021-08-21vyos.ifconfig: provide generic get_mac_synthetic() methodChristian Poessinger
WireGuard, Tunnel and also PPPoE all need a ways to calculate a synthetic MAC address used for the EUI64 link-local addresses. Instead of copying the code from Tunnel to WireGuard to PPPoE, use a generic implementation.
2021-08-21smoketest: base: abbreviate path to /proc/sys/netChristian Poessinger
2021-08-21vyos.configdict: add note when using leaf_node_changed()Christian Poessinger
2021-08-21route: static: T2450: add next-hop interface on dhcp routesChristian Poessinger
2021-08-21vyos.ifconfig: bridge: remove missleading comment in update()Christian Poessinger
2021-08-21wwan: T3620: remove superfluous import statementChristian Poessinger
WWAN does no londer need to render any configuration files.
2021-08-21xml: interfaces: use one common building block for "disable-forwarding"Christian Poessinger
Both building blocks only differed in the help text, so use IP for both IPv4 and IPv6.
2021-08-21vti: T1441: enable ipv4/ipv6 interface optionsChristian Poessinger
Now that we are based on XFRM interfaces we can also enable specific IPv4 and IPv6 interface options.
2021-08-21interfaces: T3090: migrate adjust-mss from "firewall options" to "interface" ↵Christian Poessinger
level Getting rid of "set firewall options" and move it from: set firewall options interface ethX adjust-mss 1400 set firewall options interface ethX adjust-mss6 1400 to: set interfaces ethernet ethX ip adjust-mss 1400 set interfaces ethernet ethX ipv6 adjust-mss 1400 In addition add an extra option called clamp-mss-to-pmtu instead of a value.
2021-08-21T1950: fix permissions on component-versions.json fileJohn Estabrook
2021-08-21udev: T2490: fix substitution error reported by udevChristian Poessinger
2021-08-21op-mode: nhrp: T3599: check if process is running instead of checking PID fileChristian Poessinger
2021-08-21nhrp: T3599: move PID file to /run/opennhrpChristian Poessinger
2021-08-21Debian: disable time consuming dh_strip_nondeterminismChristian Poessinger
Skip dh_strip_nondeterminism - this is very time consuming and we have no non deterministic output (yet).