summaryrefslogtreecommitdiff
path: root/data/templates
AgeCommit message (Collapse)Author
2021-12-07FRR: T4020: Updated CLI options processing for FRR daemonszsdc
Instead of analyzing options for each daemon now we use a single template for the whole configuration file. This makes logic a bit less flexible, but much easier. Removed unnecessary check for returned by the `conf.get_config_dict(base)` config. Also, added the ability to disable `strip()` of file content while using `read_file()` what is necessary for proper comparing with updated content.
2021-11-21Merge pull request #1074 from sever-sever/T4010Christian Poessinger
dmvpn: T4010: Fix template ipsec profile rekey_time
2021-11-18dmvpn: T4010: Fix template ipsec profile rekey_timeViacheslav
2021-11-18console-server: T2490: display /etc/issue.net on SSH loginsChristian Poessinger
2021-11-18dhcp: T4008: change client retry interval form 300 -> 60 secondsChristian Poessinger
(cherry picked from commit e1539b6fffaf10863e41a73a380f9de40f6aece6)
2021-11-15vrf: T3960: when adding multiple VRFs and VNIs - do not delete previous onesChristian Poessinger
2021-11-07protocols: static: T3680: do not delete DHCP received routesChristian Poessinger
An ISC DHCP hook script is used to install the received default route into FRR by simple calls to vtysh. By moving to frr-reload.py the DHCP default route was deleted as it was not found in the running config. This commit checks all interfaces if DHCP is enabled and if so - will dynamically add the route to the generated FRR configuration.
2021-11-03sstp: T2566: use XML defaultValue over Jinja2 hardcoded valueChristian Poessinger
(cherry picked from commit 01ed77040ec9493e4ca1cf868ff3c22847da4487)
2021-11-03sstp: T2566: Fix to allow IPv6 only poolsViacheslav
To allow IPv6 only for vpn sstp sessions we have to add 'ppp-options' which can disable IPv4 allocation explicity. Additional IPv6 ppp-options and fix template for it. (cherry picked from commit dd036c62d1370f655a8d2075577597f24ffff7dc)
2021-11-01Merge branch 'current' into T3350-sagittazdc
2021-10-31openvpn: T3834: Support for Two Factor Authentication totpKim
2021-10-26bgp: T3945: relax Jinja2 for loop for aggregate-addressChristian Poessinger
2021-10-26bgp: T3945: Add route-map for aggregate-addressViacheslav
2021-10-25Merge pull request #1037 from sever-sever/T2683Christian Poessinger
hosts: T2683: Allow multiple entries for static-host-mapping
2021-10-25snmp: T2763: Add protocol TCP for service snmpViacheslav
2021-10-22hosts: T2683: Allow multiple entries for static-host-mappingViacheslav
2021-10-20Merge pull request #1030 from sarthurdev/mdns-avahiChristian Poessinger
mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeater
2021-10-19mdns: T3917: Change to avahi-daemon for IPv4 + IPv6 mDNS repeatersarthurdev
2021-10-18Merge pull request #1022 from sever-sever/T3897Christian Poessinger
ddclient: T3897: Add option for IPv6 Dynamic DNS
2021-10-18ddclient: T3897: Add option for IPv6 Dynamic DNSViacheslav
2021-10-16l2tp: T3724: allow setting accel-ppp l2tp host-nameMarek Isalski
2021-10-15dhclient: T3832: Add hexadecimal format for client-idViacheslav
The hedadecimal option dhcp-cliend-identifier format is required to set values without quotes, separated by colons.
2021-10-13ntp: T3904: Fix NTP pool associationsGeorgiy Tugai
As of NTP 4.2.7, 'nopeer' also blocks pool associations. See https://bugs.ntp.org/show_bug.cgi?id=2657 See also https://github.com/geerlingguy/ansible-role-ntp/pull/84 (cherry picked from commit 854c68d43d8f1cf20417edd12284ea20f9e7ec9a)
2021-10-10lcd: T2564: add support for hd44780 displaysChristian Poessinger
2021-10-07Merge branch 'current' into 2faKim
2021-10-07openvpn: T3805: drop privileges using systemd - required for rtnetlinkChristian Poessinger
2021-10-07pull request fixesKim Hagen
2021-10-04bgp: T3741: "parameter default no-ipv4-unicast" is now a default optionChristian Poessinger
2021-10-04OpenVPN: T3350: Changed custom options for OpenVPN processingzsdc
Custom OpenVPN options moved back to the command line from a configuration file. This should keep full compatibility with the `crux` branch, and allows to avoid mistakes with parsing options that contain `--` in the middle. The only smart part of this - handling a `push` option. Because of internal changes in OpenVPN, previously it did not require an argument in the double-quotes, but after version update in `equuleus` and `sagitta` old syntax became invalid. So, all the `push` options are processed to add quotes. The solution is still not complete, because if a single config line contains `push` with other options, it will not work, but it is better than nothing.
2021-10-02dns: forwarding: T3882: remove deprecated code to work with PowerDNS 4.5Christian Poessinger
(cherry picked from commit 8e6c48563d1612916bd7fcc665d70bfa77ec5667)
2021-09-30dhcp-server: T2230: add subnet description into rendered configChristian Poessinger
2021-09-27igmp: T2230: fix Jinja2 and FRR indentionChristian Poessinger
2021-09-27frr: T2175: rename daemon Jinja2 templates to match (d)aemon suffixChristian Poessinger
2021-09-27openvpn: T690: Fix template for gateway and metricViacheslav
Some OpenVPN clients doesnt support option gateway and metric. Set metric option only when 'metric' was added in config explicity. (cherry picked from commit 96681d8bf1ede069b573a4cbe3a2493c374d048e)
2021-09-26ospfv3: T3859: add "log-adjacency-changes" CLI commandChristian Poessinger
2021-09-25bgp: T3657: add "neighbor fe80::202 interface source-interface 'eth1'" commandChristian Poessinger
2021-09-23openvpn: T3642: Openvpn does not work without dh parameter in EC modeNicolas Riebesel
2021-09-22vrrp: keepalived: T3847: enable no_tag_node_value_mangle for get_config_dict()Christian Poessinger
Commit 761631d6 ("vrrp: keepalived: T3847: migrate to get_config_dict()") switched to the new python function get_config_dict(), when we deal with tag nodes that can contain a hyphen, we should also set no_tag_node_value_mangle in order to preserve it. This caused a dict lookup error as the hyphens in the test scripts got replaced by an _.
2021-09-21vrrp: keepalived: T3847: migrate/streamline CLI optionsChristian Poessinger
Rename virtual-address -> address as we always talk about an IP address.
2021-09-21vrrp: keepalived: T3847: migrate to get_config_dict()Christian Poessinger
2021-09-21vrrp: keepalived: T616: enable script securityChristian Poessinger
2021-09-21vrrp: keepalived: T616: move configuration to volatile /run directoryChristian Poessinger
Move keepalived configuration from /etc/keepalived to /run/keepalived.
2021-09-21vrrp: keepalived: T2720: adjust to Jinja2 trim_blocks featureChristian Poessinger
This is a successor to commit a2ac9fac16e ("vyos.template: T2720: always enable Jinja2 trim_blocks feature"). It only shifts the whitespaces / indents inside the keepalived configuration file.
2021-09-21dhcp-server: T3839: support domain-search and ntp-server config per ↵Christian Poessinger
shared-network
2021-09-19ipsec: T1441: Clean up vti-up-down script for XFRM interfacesLucas Christian
2021-09-19dhcp-server: T3672: bugfix Jinja2 templateChristian Poessinger
The DHCP servers pool {} option can only be used when there follows a range statement. This is invalid for a network with only "static" leases.
2021-09-19dhcp-server: T3672: re-add missing "name" CLI optionChristian Poessinger
This option is mandatory and must be user configurable as it needs to match on both sides.
2021-09-19dhcp-server: T3841: add option to perform ICMP check before address assignmentChristian Poessinger
2021-09-19dhcp-server: T3672: only one failover peer is supportedChristian Poessinger
2021-09-18dhcp-server: T3839: support name-servers and domain config per shared-networkChristian Poessinger
DHCP servers "shared-network" level only makes sense if one can specify configuration items that can be inherited by individual subnets. This is now possible for name-servers and the domain-name. set service dhcp-server shared-network-name LAN domain-name 'vyos.net' set service dhcp-server shared-network-name LAN name-server '192.0.2.1'