summaryrefslogtreecommitdiff
path: root/data/templates/https
AgeCommit message (Collapse)Author
2024-01-09https: T5902: remove virtual-host configurationChristian Breunig
We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement.
2024-01-06https: T5886: migrate https certbot to new "pki certificate" CLI treeChristian Breunig
2023-12-31T5474: establish common file name pattern for XML conf mode commandsChristian Breunig
We will use _ as CLI level divider. The XML definition filename and also the Python helper should match the CLI node. Example: set interfaces ethernet -> interfaces_ethernet.xml.in set interfaces bond -> interfaces_bond.xml.in set service dhcp-server -> service_dhcp-server-xml.in
2023-11-21T5767: HTTPS API add reboot and poweroff endpointsViacheslav Hletenko
Add ability to reboot and poweroff the system via API curl -k --location --request POST 'https://vyos/reboot' \ --form data='{"op": "reboot", "path": ["now"]}' \ --form key='apikey' curl -k --location --request POST 'https://vyos/poweroff' \ --form data='{"op": "poweroff", "path": ["now"]}' \ --form key='apikey'
2023-11-20http: T5762: api: make API socket backend communication the one and only defaultChristian Breunig
Why: Smoketests fail as they can not establish IPv6 connection to uvicorn backend server. https://github.com/vyos/vyos-1x/pull/2481 added a bunch of new smoketests. While debugging those failing, it was uncovered, that uvicorn only listens on IPv4 connections vyos@vyos# netstat -tulnp | grep 8080 (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN - As the CLI already has an option to move the API communication from an IP to a UNIX domain socket, the best idea is to make this the default way of communication, as we never directly talk to the API server but rather use the NGINX reverse proxy.
2023-10-09http-api: T2612: reload server within configsession for api self-configJohn Estabrook
2023-03-31http-api: T5126: allow restricting client IP addressJohn Estabrook
2023-02-24Merge pull request #1848 from sever-sever/T5029Christian Breunig
T5029: Change nginx default root directory
2023-02-24T5029: Change nginx default root directoryViacheslav Hletenko
2023-02-24T5029: Fix Regex for nginx to find a better matchViacheslav Hletenko
2023-01-09container: T4880: add REST API endpoint for add/delelete/show imagesJohn Estabrook
2022-05-26http-api: T4442: Add action resetViacheslav Hletenko
Add action 'reset' (op-mode) for HTTP-API http://localhost/reset curl --unix-socket /run/api.sock -X POST -Fkey=mykey \ -Fdata='{"op": "reset", "path": ["ip", "bgp", "192.0.2.14"]}' \ http://localhost/reset
2022-05-01http: api: T4353: fix Jinja2 linting errorsChristian Poessinger
2022-04-13http: api: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-11Revert "https: T4333: migrate to new vyos_defined Jinja2 test"Christian Poessinger
This reverts commit 77bbf766e8023e73df1c3c1360f607a4d94727fd.
2022-04-10https: T4333: migrate to new vyos_defined Jinja2 testChristian Poessinger
2022-04-07http api: T4347: return complete and consistent error codesJohn Estabrook
2022-01-06https: T4146: do not listen on port 80John Estabrook
2021-12-26http: api: T4055: add VRF supportChristian Poessinger
2021-12-13http-api: T4071: allow API to bind to unix domain socketJohn Estabrook
2021-12-06https: T4055: add vrf supportChristian Poessinger
2021-09-06https: T2230: only support TLS1.2 and TLS1.3Christian Poessinger
2021-08-13nginx: T3740: use bracketize_ipv6 Jinja2 filter on server addressChristian Poessinger
2021-08-06http-api: T2768: example using GraphQL for high-level config operationsJohn Estabrook
2021-08-06Revert "http-api: T2768: example using GraphQL for high-level config operations"John Estabrook
This reverts commit a2b959c50c96698da173b9c4720369a51442cc5c.
2021-08-06http-api: T2768: example using GraphQL for high-level config operationsJohn Estabrook
2021-07-22pki: https: T3642: Migrate HTTPS to use PKI configurationsarthurdev
2021-03-26http api: T3412: use FastAPI as web framework; support application/jsonJohn Estabrook
Replace the Flask micro-framework with FastAPI, in order to support extensions to the API and OpenAPI 3.* generation. This change will remain backwards compatible with previous versions. Notably, the multipart forms version of requests remain supported; in addition application/json requests are now natively supported.
2021-02-26https: T3357: redirect http request on non-standard https portJohn Estabrook
2020-10-29T3029 Correct generated nginx contentCédric Jeanneret
The redirection was using the wrong variable ($server_name), making the browser going to https://_ instead of the right variable.
2020-08-26https: T2830: update to use get_config_dictJohn Estabrook
2020-08-19https: T2815: adjust for change in certbot config directoryJohn Estabrook
2020-04-08http api: T2252: increase proxy_read_timeout for image managementJohn Estabrook
2020-04-07http api: T2160: Fix error message when api proxy restricted.John Estabrook
2020-04-05https: T2230: convert template from dos to unix line endingsChristian Poessinger
2020-04-05https: T2230: move inlined templates to dedicated filesChristian Poessinger
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-22 02:38:34 +0000