summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2025-04-05kea: T7324: Fix kea_get_domain_from_subnet_id returning incorrect valueAlex W
2025-04-05Merge pull request #4436 from c-po/vxlan-frrenderChristian Breunig
frrender: T7273: always start from the configs root level
2025-04-04frrender: T7273: always start from the configs root levelChristian Breunig
Working on T7273 revealed that when committing the following CLI config "set interfaces vxlan vxlan0 parameters neighbor-suppress" the CLI level queried via conf.get_level() was at ['interfaces', 'vxlan']. This had the side effect that queries on the configuration like: conf.exists(['protocols', 'bgp']) returned False, as it would look accidently at the level: ['interfaces', 'vxlan', 'protocols', 'bgp'] This error was there from the beginning of the FRRender class implementation.
2025-04-03Merge pull request #4431 from sever-sever/T7290Daniil Baturin
T7290: Fix VPN IPsec log level processing
2025-04-03Merge pull request #4432 from jestabro/relative-path-submodViacheslav Hletenko
T7289: fix relative path for git submodule url
2025-04-02T7289: fix relative path for git submodule urlJohn Estabrook
2025-04-02T7290: Fix VPN IPsec log level processingViacheslav Hletenko
Fix the IPsec log level option processing set vpn ipsec log level '2' Render Jinja2 template to generate correct log for IPsec for the file /etc/strongswan.d/charon-systemd.conf
2025-04-01Merge pull request #4428 from dmbaturin/T7159-conditional-nonproduction-bannerChristian Breunig
login: T7159: limit the "not a production version" to dev builds
2025-04-01Merge pull request #4429 from dmbaturin/T7301-goodbye-gnupgChristian Breunig
installer: T7301: remove support for GnuPG signatures
2025-03-31installer: T7301: remove support for GnuPG signaturesDaniil Baturin
2025-03-31login: T7159: limit the "not a production version" to dev buildsDaniil Baturin
(as in, display it only if the build_type version data field is not "release")
2025-03-31Merge pull request #4420 from c-po/veth-mtuChristian Breunig
virtual-ethernet: T7293: add support to define interface MTU
2025-03-31Merge pull request #4424 from c-po/acme-race-T7299Christian Breunig
pki: T7299: race condition for acme requested certificates / CA chain
2025-03-31Merge pull request #4425 from jestabro/submod-typoChristian Breunig
T7289: fix typo in git submodule status check
2025-03-31Merge pull request #4426 from jestabro/restrict-opam-package-versionChristian Breunig
T7296: update hash for restrict opam ppx_deriving_yojson <= v3.9.1
2025-03-30T7296: update hash for restrict opam ppx_deriving_yojson <= v3.9.1John Estabrook
2025-03-30T7289: fix typo in git submodule status checkJohn Estabrook
2025-03-30pki: T7299: race condition for acme requested certificates / CA chainChristian Breunig
When using the VyOS internal PKI subsystem to request a certificate using ACME, the issuer CA is not automatically imported in the PKI subsystem on the first run due to a race condition. Issue is fixed by adding all newly requested and granted ACME certificates to the list of ACME certificates "on disk" which are used to extract the issuing CA certificate.
2025-03-29Merge pull request #4417 from jestabro/submod-libvyosconfigJohn Estabrook
T7289: add libvyosconfig as git submodule for builds from private repos
2025-03-29Merge pull request #4409 from woodsb02/patch-2Christian Breunig
syslog: T7270: fix typos in rsyslog.conf
2025-03-29Merge pull request #4416 from sever-sever/T7286Christian Breunig
T7286: Add CLI option to disable LDP establish packets
2025-03-29Merge pull request #4418 from kumvijaya/currentChristian Breunig
T7291: disabled codeowners review
2025-03-29Merge pull request #4423 from jestabro/preserve-symlinksChristian Breunig
T7294: preserve /config symlinks on image upgrade
2025-03-29T7286: Add CLI option to disable LDP establish packetsViacheslav Hletenko
If a router has not formed an LDP neighbor adjacency yet, it answers all received LDP Hello packets from non-neighbors with new Hello packets. This leads to flooding LDP packets to all routers for each LDP incoming packet. Add configuration option to disable this behavior ``` set protocols mpls ldp interface eth0 disable-establish-hello ```
2025-03-28T7294: preserve /config symlinks on image upgradeJohn Estabrook
The service certbot expects symbolic links for /config/auth/letsencrypt/live/<cert_name>/*.pem however, the default behavior of copytree copies the linked files during image upgrade. Set copytree argument to preserve symlinks.
2025-03-29virtual-ethernet: T7293: add support to define interface MTUChristian Breunig
2025-03-28Merge pull request #4421 from dmbaturin/T7295-tzdata-dependencyDaniil Baturin
fixup: T7295: add an explicit dependency on tzdata > 2025 to prevent APT from pulling that package from buster
2025-03-28fixup: T7295: add an explicit dependency on tzdata > 2025Daniil Baturin
to prevent APT from pulling that package from buster
2025-03-28T7291: disabled codeowners reviewkumvijaya
2025-03-27T7289: attempt to update submodule if status inconsistentJohn Estabrook
2025-03-27T7289: set url as relative pathJohn Estabrook
2025-03-27T7289: update Makefile for libvyosconfig as git submoduleJohn Estabrook
2025-03-26T7289: add libvyosconfig as git submoduleJohn Estabrook
2025-03-25Merge pull request #4415 from jestabro/strip-versionJohn Estabrook
T7246: update hash for strip version on config load
2025-03-25T7246: update hash for strip version on config loadJohn Estabrook
2025-03-25Merge pull request #4413 from oniko94/fix/T7278-fix-cracklib-dep-buildJohn Estabrook
T7278: Remove cracklib hack from postconfig script template
2025-03-25Merge pull request #4326 from Embezzle/T5493Daniil Baturin
firewall: T5493: Implement remote-group
2025-03-25syslog: T7270: improve descriptions of format optionsBen Woods
2025-03-25T7278: Remove cracklib hack from postinstall script templateoniko94
2025-03-21firewall: T5493: Implement remote-groupAlex W
2025-03-21syslog: T7270: fix SyslogProtocol23Format typo in rsyslog.confBen Woods
2025-03-21syslog: T7270: fix octed-counted typo in rsyslog.confBen Woods
2025-03-21Merge pull request #4397 from c-po/T861-secure-boot-certsChristian Breunig
T861: rename Secure Boot MOK (Machine Owner Key) file
2025-03-21Merge pull request #4400 from l0crian1/currentChristian Breunig
T7138: Fix show qos
2025-03-20Merge pull request #4402 from c-po/wireguard-key-T7246Christian Breunig
wireguard: T7246: verify Base64 encoded 32byte boundary on keys
2025-03-20wireguard: T7246: verify Base64 encoded 32byte boundary on keysChristian Breunig
Not 31 bytes or 33 bytes, but exactly 32. This matters, because 32 does not divide evenly by .75, so there's a padding character and the penultimate character does not include the whole base64 alphabet. Extend the base64 validator with an optional argument to define the length to match of the decrypted Base64 encoded string. Source: https://lists.zx2c4.com/pipermail/wireguard/2020-December/006222.html
2025-03-20Merge pull request #4407 from jestabro/relax-lexer-testJohn Estabrook
T7246: update libvyosconfig hash and add nosetest
2025-03-20T7246: update libvyosconfig hash and add nosetestJohn Estabrook
2025-03-20Merge pull request #4406 from jestabro/relax-lexerJohn Estabrook
T7246: do not pass unneeded version string to parser
2025-03-18T7246: do not pass unneeded version string to parserJohn Estabrook
Previously the parser would ignore lines beginning with '//', however this is unnecessarily restrictive. Pass only config information to parser, as the version string is saved separately for reconstruction on render.
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-22 02:22:21 +0000