summaryrefslogtreecommitdiff
path: root/interface-definitions/https.xml.in
AgeCommit message (Collapse)Author
2023-11-22http: T5762: rename "virtual-host listen-port" -> "virtual-host port"Christian Breunig
This complements commit f5e43b136 ("http: T5762: api: make API socket backend communication the one and only default") so we have a consistent port CLI node across VyOS components. (cherry picked from commit 0e885f1bf01424130b6876e769cc42612b19351b)
2023-11-20http: T5762: api: make API socket backend communication the one and only defaultChristian Breunig
Why: Smoketests fail as they can not establish IPv6 connection to uvicorn backend server. https://github.com/vyos/vyos-1x/pull/2481 added a bunch of new smoketests. While debugging those failing, it was uncovered, that uvicorn only listens on IPv4 connections vyos@vyos# netstat -tulnp | grep 8080 (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN - As the CLI already has an option to move the API communication from an IP to a UNIX domain socket, the best idea is to make this the default way of communication, as we never directly talk to the API server but rather use the NGINX reverse proxy. (cherry picked from commit f5e43b1361fb59a9c260739bdb28729d5119507c)
2023-05-16T5226: Combine ipv4-address and ipv6-address validatorsIndrajit Raychaudhuri
Use a single ip-address validator to combine and replace ipv4-address and ipv6-address validators.
2023-03-31http-api: T5126: allow restricting client IP addressJohn Estabrook
2022-10-25graphql: T4574: add interface definitions for authentication settingsJohn Estabrook
2022-10-21graphql: T4768: change name of api child node from 'gql' to 'graphql'John Estabrook
2022-07-24graphql: T3993: disable introspection unless set in CLIJohn Estabrook
2022-07-24graphql: T3993: add interface-definition for gqlJohn Estabrook
2022-04-29xml: T4047: use full string match in the regex validatorChristian Poessinger
2021-12-15http-api: T4076: allow setting CORS option 'Access-Control-Allow-Origin'John Estabrook
2021-12-13http-api: T4071: allow API to bind to unix domain socketJohn Estabrook
2021-12-06https: T4055: add vrf supportChristian Poessinger
2021-10-29https: pki: T3642: embed CA certificate into chain if specifiedChristian Poessinger
2021-08-29xml: add missing "u32:" value declarator on integer rangesChristian Poessinger
2021-08-19xml: T3768: drop early XML syntaxVersion implementationJohn Estabrook
2021-07-22pki: https: T3642: Migrate HTTPS to use PKI configurationsarthurdev
2020-12-28xml: completion-help: add helper for all local assigned IP addressesChristian Poessinger
This replaces the Python script by a bash variant which is much faster as the Python interpreter does not need to be launched on invocation.
2020-12-12xml: use "u32:" keyword when identifying port rangesChristian Poessinger
This will render the completion help more nicely.
2020-04-07http api: T2160: move 'api virtual-host' to 'api-restrict virtual-host'John Estabrook
Restriction of api proxy should be owned by https.py, not http-api.py.
2020-03-30http api: T2160: allow restricting HTTP API to specific serversJohn Estabrook
By default, the HTTP API will be proxied by any nginx virtual server. Allow specifying a subset of servers to act as proxy.
2020-03-24service https: T2157: Organize server block directives as 'virtual host'John Estabrook
2020-02-05service https: T1585: add support for letsencrypt certificatesJohn Estabrook
2020-02-04service https: T1443: reorder elements for clarityJohn Estabrook
2019-12-26xml: remove leading carrot (^) from regex syntaxChristian Poessinger
... as the carrot is applied automatically when reading in the XML definition. Auto replaced by: $ find interface-definitions -type f | xargs sed -i 's/regex>^/regex>/'
2019-12-06T1843: run interface-definitions though GCC preprocessorChristian Poessinger
A lot of XML code is duplicated (VLAN, interface address) for instance. Such XML definitions should be moved to feature.xml.i files and then just pulled in via GCC preprocessor #include definition in e.g. bond or ethernet definitions. This will give us the ability to single-source repeating node definitions as: * Interface Address * Interface Description * Interface Disable * VLAN (both vif-s and vif-c) The .in suffix of the interface-definitions is a marker that those files are input files to the GCC preprocessor. They will be rendered into proper XML files in the build directory. Some node definitions have been reworder to remove escaped double quote occurances which would have been warned about by the GCC preprocessor.
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-21 20:34:50 +0000