summaryrefslogtreecommitdiff
path: root/src/services
AgeCommit message (Collapse)Author
2024-02-01dns: T5959: Streamline dns forwarding serviceIndrajit Raychaudhuri
Streamline configuration and operation of dns forwarding service in following ways: - Remove `dns_forwarding_reset.py` as its functionality is now covered by `dns.py` - Adjust function names in `dns.py` to disambiguate between DNS forwarding and dynamic DNS - Remove `dns_forwarding_restart.sh` as its functionality is inlined in `dns-forwarding.xml` - Templatize systemd override for `pdns-recursor.service` and move the generated override files in /run. This ensures that the override files are always generated afresh after boot - Simplify the systemd override file by removing the redundant overrides - Relocate configuration path for pdns-recursor to `/run/pdns-recursor` and utilize the `RuntimeDirectory` default that pdns-recursor expects - We do not need to use custom `--socket-dir` path anymore, the default path (viz., `/run/pdns-recursor` is fine) (cherry picked from commit 1c1fb5fb4bd7c0d205b28caf90357ad56423464f)
2024-01-10https: T5902: remove virtual-host configurationChristian Breunig
We have not seen the adoption of the https virtual-host CLI option. What it did? * Create multiple webservers each listening on a different IP/port (but in the same VRF) * All webservers shared one common document root * All webservers shared the same SSL certificates * All webservers could have had individual allow-client configurations * API could be enabled for a particular virtual-host but was always enabled on the default host This configuration tried to provide a full webserver via the CLI but VyOS is a router and the Webserver is there for an API or to serve files for a local-ui. Changes Remove support for virtual-hosts as it's an incomplete and thus mostly useless "thing". Migrate all allow-client statements to one top-level allow statement. (cherry picked from commit d0d3071e99eb65edb888c26ef2fdc9e038438887)
2023-12-20https api: T5844: allow the server to start without API keysDaniil Baturin
and use only PAM auth and JWT (cherry picked from commit 495bf4732439ebd55edfbf6050af8b2064993d86)
2023-12-01http-api: T5782: use single config-mode script for https and http-apiJohn Estabrook
2023-12-01http-api: T5768: remove auxiliary http-api.confJohn Estabrook
2023-11-21T5767: HTTPS API add reboot and poweroff endpointsViacheslav Hletenko
Add ability to reboot and poweroff the system via API curl -k --location --request POST 'https://vyos/reboot' \ --form data='{"op": "reboot", "path": ["now"]}' \ --form key='apikey' curl -k --location --request POST 'https://vyos/poweroff' \ --form data='{"op": "poweroff", "path": ["now"]}' \ --form key='apikey' (cherry picked from commit 36f3c329c2df0e78f2f5da933d9729a872fb2a11)
2023-11-20http: T5762: api: make API socket backend communication the one and only defaultChristian Breunig
Why: Smoketests fail as they can not establish IPv6 connection to uvicorn backend server. https://github.com/vyos/vyos-1x/pull/2481 added a bunch of new smoketests. While debugging those failing, it was uncovered, that uvicorn only listens on IPv4 connections vyos@vyos# netstat -tulnp | grep 8080 (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN - As the CLI already has an option to move the API communication from an IP to a UNIX domain socket, the best idea is to make this the default way of communication, as we never directly talk to the API server but rather use the NGINX reverse proxy. (cherry picked from commit f5e43b1361fb59a9c260739bdb28729d5119507c)
2023-10-10http-api: T2612: reload server within configsession for api self-configJohn Estabrook
(cherry picked from commit 93d2ea7d635c7aa5acf3000654393ea48b7c6405)
2023-10-10http-api: T2612: send response before reconfiguring api serverJohn Estabrook
(cherry picked from commit 7d597a6dca15cb592230b349ef7ef565f258cf43)
2023-07-15T5195: vyos.util -> vyos.utils package refactoring part #2Christian Breunig
2023-07-14T5195: vyos.util -> vyos.utils package refactoring (#2093)Christian Breunig
* T5195: move run, cmd, call, rc_cmd helper to vyos.utils.process * T5195: use read_file and write_file implementation from vyos.utils.file Changed code automatically using: find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import read_file$/from vyos.utils.file import read_file/g' {} + find . -type f -not -path '*/\.*' -exec sed -i 's/^from vyos.util import write_file$/from vyos.utils.file import write_file/g' {} + * T5195: move chmod* helpers to vyos.utils.permission * T5195: use colon_separated_to_dict from vyos.utils.dict * T5195: move is_systemd_service_* to vyos.utils.process * T5195: fix boot issues with missing imports * T5195: move dict_search_* helpers to vyos.utils.dict * T5195: move network helpers to vyos.utils.network * T5195: move commit_* helpers to vyos.utils.commit * T5195: move user I/O helpers to vyos.utils.io
2023-07-12T5195: move boot_* helpers to vyos.utils.bootChristian Breunig
2023-06-20http-api: T5305: configure operations should not be defined asyncJohn Estabrook
2023-06-10http-api: T5248: add endpoint /configure-sectionJohn Estabrook
2023-06-10http-api: T5263: add base model for generalizationJohn Estabrook
2023-06-10http-api: T5263: factor out function _configure_op for generalizationJohn Estabrook
2023-06-10http-api: T5263: consistent string formattingJohn Estabrook
2023-06-10http-api: T5263: simplify form errorsJohn Estabrook
2023-06-10http-api: T5263: path validator should provide messageJohn Estabrook
2023-04-23http-api: T5175: check value of attribute for FastAPI>=0.91.0John Estabrook
FastAPI v0.92.0 (starlette v0.24.0) sets default attribute Request._form; check for value == None instead of existence when overriding Request class.
2023-03-28dns: T5115: Support custom port for name servers for forwarding zones.Indrajit Raychaudhuri
This would allow using custom ports in name server operating on non- default port for forwarding zones. This is a follow-up to T5113 for sake of completeness and having consistent treatment of all name servers configured in PowerDNS recursor. Additionally, migrate `service dns forwarding domain example.com server` to `service dns forwarding domain foo3.com name-server` for consistency and reusability.
2023-03-22graphql: T5106: generate client ops for composite functionsJohn Estabrook
2023-03-22graphql: T5106: generate client ops for configsession functionsJohn Estabrook
2023-03-22graphql: T5106: add auth_token client opJohn Estabrook
2023-03-08graphql: T5068: generate client operations for code generation toolsJohn Estabrook
2023-03-05op-mode: T5051: interpret Literal types as enumsJohn Estabrook
2023-03-03graphql: T5040: use path from defaultsJohn Estabrook
2023-03-01graphql: T5040: generate schema in vyos-1x.postinstJohn Estabrook
2023-03-01graphql: T5040: use nullable key field to allow schema static generationJohn Estabrook
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use.
2023-02-26graphql: T4979: add user info to token requestJohn Estabrook
2023-02-14http-api: T5006: add explicit async to retrieve/configure methodsJohn Estabrook
2023-02-06graphql: T4979: add query show_user_infoJohn Estabrook
2023-01-24op-mode: T4951: bugfix InsufficientResources SyntaxError: invalid syntaxChristian Breunig
Commit b5e90197 ("op mode: T4951: add InsufficientResources error") missed out a comma when extending the op_mode_err_msg dictionary.
2023-01-24Merge pull request #1779 from dmbaturin/T4951-resource-errorChristian Breunig
op mode: T4951: add InsufficientResources error
2023-01-23graphql: T4953: remove convert_kwargs_to_snake_case decoratorJohn Estabrook
2023-01-23graphql: T4544: use opmode._is_op_mode_function_name instead of local copyJohn Estabrook
2023-01-23op mode: T4951: add InsufficientResources errorDaniil Baturin
2023-01-10opmode: T2546: add UnsupportedOperation to op mode errorsDaniil Baturin
2023-01-09container: T4880: add REST API endpoint for add/delelete/show imagesJohn Estabrook
2023-01-09container: T4880: include 'add'/'delete' in standard op-mode functionsJohn Estabrook
2022-12-19graphql: T4887: interpret all boolean options as nullableJohn Estabrook
2022-11-21graphql: T4574: add specific error message if token has expiredJohn Estabrook
Catch expiration error and return error-specific message instead of general 'not authenticated'.
2022-11-21graphql: T4574: use Optional in func_sigJohn Estabrook
A misreading of the makefun docs seemed to indicate Optional was not supported; it is.
2022-11-21graphql: T4544: use load_as_module from vyos.utilJohn Estabrook
load_as_module was added to util.py for T4821; prefer over local copy
2022-11-18IPsec: T4828: raise op-mode error on incorrect valueJohn Estabrook
2022-11-16Revert "Revert "dns: T4799: fix bug with not reloading powerdns config""Christian Poessinger
This reverts commit 44df1cea1ebc3296844c5c35cf053a92cda4b944.
2022-11-09Revert "dns: T4799: fix bug with not reloading powerdns config"Christian Poessinger
This reverts commit ff09d4f47e5f54fad8258cd27fb0adfaa4c552b3. Process name is actually: <bound method Process.name of psutil.Process(pid=5031, name='pdns-r/worker', status='sleeping', started='08:51:51')>
2022-11-06graphql: T4803: allow 'Authorization' header in CORS middlewareJohn Estabrook
2022-11-05dns: T4799: fix bug with not reloading powerdns configinitramfs
PowerDNS version 4.7 and above has changed the main process name from 'pdns-r/worker' to 'pdns_recursor'. This commit updates the process name check to use the new name.
2022-11-01graphql: T4791: decamelize/normalize result of op-mode queriesJohn Estabrook