From 2b8af944d60de2fca8370a108e422ccc6b3d006d Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Mon, 12 Nov 2018 20:36:23 +0100
Subject: T987: Unclutter PPTP/IPSec RADIUS configuration nodes

In other words, remove top level tag nodes from radius-server and introduce
a regular "radius" node, thus we can add additional features, too. A migration
script is provided in vyos-1x which takes care of this config migration.

Change VyOS CLI from:

vyos@vyos# show vpn pptp
 remote-access {
     authentication {
         mode radius
         radius-server 172.16.100.10 {
             key barbarbar
         }
         radius-server 172.16.100.20 {
             key foofoofoo
         }
     }

To:

vyos@vyos# show vpn l2tp
 remote-access {
     authentication {
         mode radius
         radius {
             server 172.16.100.10 {
                 key barbarbar
             }
             server 172.16.100.20 {
                 key foofoofoo
             }
         }
     }
---
 src/migration-scripts/pptp/0-to-1 | 59 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100755 src/migration-scripts/pptp/0-to-1

(limited to 'src/migration-scripts')

diff --git a/src/migration-scripts/pptp/0-to-1 b/src/migration-scripts/pptp/0-to-1
new file mode 100755
index 000000000..d0c7a83b5
--- /dev/null
+++ b/src/migration-scripts/pptp/0-to-1
@@ -0,0 +1,59 @@
+#!/usr/bin/env python3
+
+# Unclutter PPTP VPN configuiration - move radius-server top level tag
+# nodes to a regular node which now also configures the radius source address
+# used when querying a radius server
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+    print("Must specify file name!")
+    sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+config = ConfigTree(config_file)
+
+cfg_base = ['vpn', 'pptp', 'remote-access', 'authentication']
+if not config.exists(cfg_base):
+    # Nothing to do
+    sys.exit(0)
+else:
+    # Migrate "vpn pptp authentication radius-source-address" to new
+    # "vpn pptp authentication radius source-address"
+    if config.exists(cfg_base + ['radius-source-address']):
+        address = config.return_value(cfg_base + ['radius-source-address'])
+        # delete old configuration node
+        config.delete(cfg_base + ['radius-source-address'])
+        # write new configuration node
+        config.set(cfg_base + ['radius', 'source-address'], value=address)
+
+    # Migrate "vpn pptp authentication radius-server" tag node to new
+    # "vpn pptp authentication radius server" tag node
+    for server in config.list_nodes(cfg_base + ['radius-server']):
+        base_server = cfg_base + ['radius-server', server]
+        key = config.return_value(base_server + ['key'])
+
+        # delete old configuration node
+        config.delete(base_server)
+        # write new configuration node
+        config.set(cfg_base + ['radius', 'server', server, 'key'], value=key)
+
+        # format as tag node
+        config.set_tag(cfg_base + ['radius', 'server'])
+
+    # delete top level tag node
+    if config.exists(cfg_base + ['radius-server']):
+        config.delete(cfg_base + ['radius-server'])
+
+    try:
+        with open(file_name, 'w') as f:
+            f.write(config.to_string())
+    except OSError as e:
+        print("Failed to save the modified config: {}".format(e))
+        sys.exit(1)
-- 
cgit v1.2.3


From 2375e0876abeff26ba875419b62f974d0ff6122a Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Mon, 12 Nov 2018 20:37:08 +0100
Subject: migration/l2tp: fix file comment

---
 src/migration-scripts/l2tp/0-to-1 | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'src/migration-scripts')

diff --git a/src/migration-scripts/l2tp/0-to-1 b/src/migration-scripts/l2tp/0-to-1
index 65adbbe77..f6c716df1 100755
--- a/src/migration-scripts/l2tp/0-to-1
+++ b/src/migration-scripts/l2tp/0-to-1
@@ -1,7 +1,8 @@
 #!/usr/bin/env python3
 
-# Delete "set service dhcp-relay relay-options port" option
-# Delete "set service dhcpv6-relay listen-port" option
+# Unclutter L2TP VPN configuiration - move radius-server top level tag
+# nodes to a regular node which now also configures the radius source address
+# used when querying a radius server
 
 import sys
 
-- 
cgit v1.2.3


From 7a615ab169a7f6141fd9b6e84ac1ea415216d9bb Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sat, 17 Nov 2018 13:16:04 +0100
Subject: T1018: remove obsoleted 'dynamic' option from NTP

Increase NTP config version from 0 to 1. For more information see [1].

ntpd: Warning: the "dynamic" keyword has been obsoleted and will
be removed in the next release

[1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553976
---
 interface-definitions/ntp.xml    |  6 ------
 src/conf_mode/ntp.py             |  2 --
 src/migration-scripts/ntp/0-to-1 | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 36 insertions(+), 8 deletions(-)
 create mode 100755 src/migration-scripts/ntp/0-to-1

(limited to 'src/migration-scripts')

diff --git a/interface-definitions/ntp.xml b/interface-definitions/ntp.xml
index d324404da..945345898 100644
--- a/interface-definitions/ntp.xml
+++ b/interface-definitions/ntp.xml
@@ -14,12 +14,6 @@
               <help>Network Time Protocol (NTP) server</help>
             </properties>
             <children>
-              <leafNode name="dynamic">
-                <properties>
-                  <help>Allow server to be configured even if not reachable</help>
-                  <valueless/>
-                </properties>
-              </leafNode>
               <leafNode name="noselect">
                 <properties>
                   <help>Marks the server as unused</help>
diff --git a/src/conf_mode/ntp.py b/src/conf_mode/ntp.py
index 0abb2746a..68a046939 100755
--- a/src/conf_mode/ntp.py
+++ b/src/conf_mode/ntp.py
@@ -108,8 +108,6 @@ def get_config():
                 "name": node,
                 "options": []
             }
-            if conf.exists('server {0} dynamic'.format(node)):
-                options.append('dynamic')
             if conf.exists('server {0} noselect'.format(node)):
                 options.append('noselect')
             if conf.exists('server {0} preempt'.format(node)):
diff --git a/src/migration-scripts/ntp/0-to-1 b/src/migration-scripts/ntp/0-to-1
new file mode 100755
index 000000000..9c66f3109
--- /dev/null
+++ b/src/migration-scripts/ntp/0-to-1
@@ -0,0 +1,36 @@
+#!/usr/bin/env python3
+
+# Delete "set system ntp server <n> dynamic" option
+
+import sys
+
+from vyos.configtree import ConfigTree
+
+if (len(sys.argv) < 1):
+    print("Must specify file name!")
+    sys.exit(1)
+
+file_name = sys.argv[1]
+
+with open(file_name, 'r') as f:
+    config_file = f.read()
+
+config = ConfigTree(config_file)
+
+if not config.exists(['system', 'ntp']):
+    # Nothing to do
+    sys.exit(0)
+else:
+    # Delete abandoned leaf node if found inside tag node for
+    # "set system ntp server <n> dynamic"
+    base = ['system', 'ntp', 'server']
+    for server in config.list_nodes(base):
+        if config.exists(base + [server, 'dynamic']):
+            config.delete(base + [server, 'dynamic'])
+
+    try:
+        with open(file_name, 'w') as f:
+            f.write(config.to_string())
+    except OSError as e:
+        print("Failed to save the modified config: {}".format(e))
+        sys.exit(1)
-- 
cgit v1.2.3