| Age | Commit message (Collapse) | Author |
|---|
|
warning: ~ action is deprecated, consider using the 'stop' statement instead [v8.24.0 try http://www.rsyslog.com/e/2307 ]
|
|
http-api: T5248: set/load config sections as JSON via API
|
|
... this is a step towards a new and better implementation that will utilize
VPP.
|
|
frr.service startup and shutdown is now explicitly managed by
vyos-router, so remove the systemd management directive.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
T5231: Add op-mode for show reverse-proxy
|
|
T3472: Print warning when commit-confirm is run as regular user
|
|
dns: T5144: Improve dynamic dns monitor and log and miscellaneous updates
|
|
|
|
|
|
|
|
dns: T5144: Refactor smoke tests for dynamic dns operation
|
|
|
|
Prevent failure when the user enters a partial CLI command without any
address specified.
Also, apply some minor formatting changes.
|
|
|
|
on reboot and shutdown attempts
|
|
T5260: Do not use deprecated python crypt module
|
|
Remove the quotes, this will always return the hash for string "password".
|
|
|
|
dns: T5144: Modernize dynamic dns operation (round 2)
|
|
Incorrect logic of node deletion now raises error, after T5251.
|
|
Templatize systemd override for ddclient service and move the generated
override files in /run. This ensures that the override files are always
generated afresh after boot.
Additionally, simplify the systemd override file by removing the
redundant/superfluous overrides.
|
|
|
|
config path
|
|
|
|
Create migration and bump package version from 0 -> 1 for dynamic dns
|
|
ddclient implementation of dualstack for dyndns2 protocol is targeted
for dyn.com (dyndns.org) only. Dualstack won't work for other servers
supporting dyndns2 protocol (for example, dyn.dns.he.net).
|
|
Apply next round of configuration tree updates to 'service dns dynamic'
with the following changes:
- Migrate `service dns dynamic interface <interface> [use-web]`
to `service dns dynamic address <interface>`
or `service dns dynamic address web [web-options]`
This communicates the intent that dynamic dns IP address is detected
in only one way - using the `<interface>` or using an external web
request, not both.
- When using external web request, (`service dns dynamic address web`),
external url is optional (`web-options url`). Ddclient defaults are
used when unspecified,
- Rename all config `login` to `username` for consistency and also to
align better with alternative ddclient backends in consideration.
- Apply global 'ipv6-enable' to per service 'ip-version: ipv6'. Selecting
usage of IPv4 or IPv6 (or both simultaneously) is now at per service
(protocol) level instead of global level. This allows more control on
the ability to select IPv4 in some cases and IPv6 in some other cases
wherever supported by the underlying ddclient protocol.
- While the IP address (and by extension, the detection mechanism) is
global, the way it is applied to a particular ddclient protocol depends
on whether it supports IPv4 or IPv6 or both.
- Related to the above, this also prevents generating incorrect config
file (`ddclient.conf`) with multiple global sections leading to an
unpredictable behavior of ddclient.
- Implement provider (protocol) specific custom tweaks whenever possible
(e.g., `zone`, `username`, `server` are not necessary in all cases).
- Move service name from a combination of 'protocol' (with protocol
config autodetected) and custom (with protocol config specified) to a
single 'service' key. This allows for consisent setup of multiple
config for the same ddclient protocol (with different options and
credentials). This also avoid ambiguity with usual networking term
'protocol' and ddclient specific term 'protocol' (and can change with
a move to a different backend).
- Apply upfront XML constraints and validations consistently wherever
applicable.
- RFC2136 specific change: Rename rfc2136 config `record` to `host-name`
for consistency.
- Cloudflare specific change: While ddclient still supports authenticating
with email and global auth key, skipping `username` in config will
indicate the intent to use API token authentication (with special
'token' literal as `username`).
|
|
|
|
|
|
|
|
configtree: T5251: catch/raise errors in functions delete and delete_value
|
|
The node was already deleted in the 'if path exists' branch; attempt to
delete in 'else' branch will now raise an error.
|
|
T5210:VPN:Fix typo in Warning
|
|
|
|
|
|
|
|
|
|
Connection ID Username Protocol State Uptime Tunnel IP
--------------- ---------- ---------- ------- -------- -----------------
27 cpo IKEv2 UP 11s ['172.16.222.17']
"Tunnel IP" should be a string over list.
|
|
This is a radvd limitation.
|
|
|
|
Add op-mode CLI for reverse-proxy "show reverse-proxy"
Ability to get JSON and formatted output
|
|
|
|
To accept a Proxy Protocol header on incoming TCP connections,
add an accept-proxy parameter to the bind line in a frontend section.
This parameter detects both Proxy Protocol version 1 (text format)
and Proxy Protocol version 2 (binary format).
set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
|
|
Improve and refactoring "load-balancing reverse-proxy"
- replace 'reverse-proxy server <tag>'
=> 'reverse-proxy service <tag>'
- replace 'reverse-proxy global-parameters tls <xxx>'
=> 'reverse-proxy global-parameters tls-version-min xxx'
=> 'reverse-proxy global-parameters ssl-bind-ciphers xxx'
- replace 'reverse-proxy service https rule <tag> set server 'xxx'
=> 'reverse-proxy service https rule <tag> set backend 'xxx'
'service https rule <tag> domain-name xxx' set as multinode
|
