| Age | Commit message (Collapse) | Author |
|
(#2108) (#2110)
On a fresh (no-consent) load the consent banner could render completely
unstyled and expand to full page height. Cookiebot delivers its dialog CSS as
a constructed stylesheet on document.adoptedStyleSheets; ReadTheDocs'
readthedocs-addons.js reassigns that whole-array property with a destructive
replace, and when that lands after Cookiebot's network-gated adoption it drops
Cookiebot's sheet, leaving #CybotCookiebotDialog at position:static expanded to
~6700px. It is a race, so it is intermittent and clears once consent is given
(the dialog then never renders).
- layout.html: a small adoptedStyleSheets shim, installed before any page
script, that preserves Cookiebot's sheet so another library cannot drop it.
- custom.css: a leak-safe safety net that keeps the dialog contained even if
its adopted sheet is ever absent. It uses only properties Cookiebot itself
sets, so it has verifiably no effect on the normal, styled banner.
🤖 Generated by [robots](https://vyos.io)
(cherry picked from commit dce7bb521e3947af59fe18895b609ec353e0450e)
Co-authored-by: Yuriy Andamasov <yuriy@vyos.io>
|
|
🤖 Generated by [robots](https://vyos.io)
|
|
Rapid re-clicks queue multiple `navigator.clipboard.writeText`
promises; without a request token, an older promise resolving later
can overwrite the newer click's UI (or have its 2-second timeout fire
on the new click's state). Add a per-button `copyRequestId` that
each click increments and captures locally; the success/failure UI
flip and the revert-timeout body all bail out early if the captured
token no longer matches the current one.
Addresses CodeRabbit review feedback on PR #1890.
\xf0\x9f\xa4\x96 Generated by [robots](https://vyos.io)
|
|
Reset both notifier classes and cancel any pending revert timeout at the
start of each click so a fast failure-then-success (or vice versa) can't
leave `copiedNotifier` and `copyFailedNotifier` applied simultaneously,
and so the 2-second auto-revert window restarts cleanly per click.
Addresses Copilot review feedback on PR #1890.
🤖 Generated by [robots](https://vyos.io)
|
|
success
Two real bugs in the docs site copy-to-clipboard handler, both flagged by
copilot review on PR #1886 (deferred there because that PR is scoped to typos).
Bug 1: Copy label leaked into copied snippets on narrow screens
The handler read `currentTarget.offsetParent.innerText`. The same handler
appends a visible `.copyDiv` (with a 'Copy' <p>) into that container.
Below the 992px breakpoint the label is visible (see code-snippets.css
.copyDiv > p) so users got 'Copy' appended to every copied snippet.
Fix: extract text from the <pre> element inside the container instead,
which excludes the injected button. Also switched the lookup root from
`offsetParent` to `parentElement` so the source-of-truth is the DOM
relationship (the .copyDiv is inserted as a beforeend child of the inner
.highlight div via insertAdjacentHTML), not CSS positioning.
Bug 2: Failed clipboard writes still showed 'Copied!'
The try/catch only logged on failure but the surrounding code still flipped
the button into the copiedNotifier success state. Users got false success
when writeText rejected (insecure context, permission denied, etc.).
Fix: move the success UI flip inside the try, add an explicit failure UI
flip ('Failed' text + new `.copyFailedNotifier` class with red background)
in the catch. setTimeout still reverts both classes after 2s.
Verified in browser with a sphinx-rendered fixture (jQuery 3.7 + Pygments
output): both snippets copy their own text without the Copy label, success
flow shows Copied!, simulated writeText rejection shows Failed, both states
revert after 2s.
🤖 Generated by [robots](https://vyos.io)
|
|
Replaces the broken #1886 with a fresh, properly-converted MyST set for
the sagitta (1.4.x) docs, mirroring what landed for circinus via #1897.
This PR:
- Re-imports 210 md-*.md files for sagitta. Source: ran the pipelines
rst-to-myst converter (chrisjsewell/rst-to-myst v0.4.0, with pandoc
fallback) on sagittas RST. Post-processed via the pipelines
postprocess stage (10 ordered fixes for blanks, admonitions, label
hyphens, pandoc artifacts, structural blanks, linter markers).
Compared to the broken #1886 content (which was left over from an
earlier stage-1-only run): zero raw `<div class=>` remnants.
- For 23 stems where sagittas RST is byte-identical with currents RST
(mostly stable policy/protocol pages and the 404 page), reuses currents
already-validated md-*.md content rather than re-converting.
- Drops cli and installation/cloud/aws from sagittas swap set: their
RST has SEVERE/4 "Title level inconsistent" errors that crash
rst-to-myst; they need an independent RST-source fix and are kept as
RST-only for now.
- Adds the per-page swap mechanism: scripts/swap_sources.py,
scripts/import_myst.py, the matching tests under tests/, _swap.txt
with 210 stems, _ext/vyos.py MyST renderer fallback, Makefile
swap-wrapped targets, .readthedocs.yml swap pre/post hooks.
- Adds 187 .webp images and removes 235 superseded .jpg/.png/.jpeg
static assets; flips html_logo to vyos-logo.webp.
- Adds the MyST swap-related blocks to docs/conf.py only:
myst_enable_extensions, myst_fence_as_directive, md-*.md exclude
patterns, _swap_exclude.txt reader, _prefer_webp and _copy_md_sources
setup hooks. github_version fallback set to 'sagitta' to match the
branch (parallel to currents 'current' and circinuss 'circinus').
Deliberately excluded (per user direction):
- llms.txt and sphinx-llms-txt / sphinx-sitemap config: these will
land separately for sagitta via #1870 plus a new sagitta-specific
llms.txt template PR. The conf.py here does not pull those extensions
in, so the build does not depend on the new pip packages.
Verification before pushing:
- 210 md-*.md = 210 _swap.txt stems = 210 RST siblings on sagitta (1:1:1).
- 0 files contain raw `<div class=` (the breakage that took down /en/1.5/).
- conf.py copyright/version/release preserve sagittas values
(2024 / 1.4 / "1.4.x (sagitta)") - not currents.
- html_title from currents conf.py removed - PR #1880 is the right place
for sagittas branch-localized title.
Supersedes / closes on merge:
- #1886 (broken converter output, would break /en/1.4/ if merged).
Generated by robots https://vyos.io
|
|
This reverts commit 22e34ce5aee24d2fd11f8205522ab7ecdb3c4c5e.
|
|
* feat(swap-sagitta): add incremental RST-to-MyST swap mechanism
Backport of the swap mechanism from feat/incremental-myst-swap onto
the sagitta release branch. Built directly on top of origin/sagitta,
so the underlying RST tree is sagitta's (not current's).
Mechanism:
- scripts/import_myst.py — import md from myst/* with md- prefix
- scripts/swap_sources.py — rename md-{name}.md → {name}.md before
Sphinx builds, restore after; writes _build/_swap_state.json and
_build/_swap_exclude.txt
- docs/Makefile — html/dirhtml/pdf/livehtml all run swap → build →
trap restore; explicit `swap` and `restore` targets too
- docs/conf.py — MyST extensions enabled; swap exclude_patterns
loader; _prefer_webp builder hook so html prefers webp over png
Content:
- 202 md-prefixed pages from origin/myst/sagitta (md-{name}.md
alongside each {name}.rst counterpart)
- 1 plain MyST-only page from myst/sagitta where no .rst exists
(already at canonical name on sagitta: docs/copyright.md)
- 240 .webp images from myst/sagitta (added alongside the existing
PNG/JPG so RST builds keep their assets)
- docs/_swap.txt populated with all 202 stems → MyST is served by
default, revert a page by removing its stem from _swap.txt
🤖 Generated by [robots](https://vyos.io)
* feat(conf): copy .md sources into HTML output for plain-text serving
Adds a build-finished hook that mirrors every .md file from the Sphinx
source tree into the HTML output directory verbatim, making unrendered
MyST sources accessible alongside HTML renders at the same URL path.
🤖 Generated by [robots](https://vyos.io)
* docs: address review feedback (backport from PR #1857)
Fix conversion artifacts, typos, and technical inaccuracies applicable
to the sagitta branch: curly quotes, typos (deamonless, cammans,
amdifferent, trough), incorrect firewall command paths, missing closing
brace in zone-policy, peer name inconsistencies, hardcoded passwords
replaced with vault references, and md-*.md exclusion in conf.py.
🤖 Generated by [robots](https://vyos.io)
* docs: port .readthedocs.yml jobs, _ext/vyos.py fallback and swap-script tests from PR #1857
Parity backport from PR #1857 (current) — three pieces were missing on
sagitta.
- .readthedocs.yml: add build.jobs.pre_build / post_build hooks that run
scripts/swap_sources.py --swap before the Sphinx build and --restore
after. Without this, the swap mechanism ships but never runs on RTD
builds for this branch — the swap is a silent no-op.
- docs/_ext/vyos.py: CmdInclude.run() now falls back to nested_parse()
when self.state._renderer is not present. Required for cfgcmd /
opcmd / cmdincludemd directives to render correctly when included
from MyST pages (the swap mechanism's whole point). Sagitta-only
delta on _ext/vyos.py (the path = str(path) line on 224) is
intentionally untouched.
- tests/test_import_myst.py, tests/test_swap_sources.py: tests for the
swap scripts. The scripts on this branch are byte-identical to
current's, so the same tests apply. Travels with the branch so CI
catches per-branch regressions if the scripts ever drift.
🤖 Generated by [robots](https://vyos.io)
* fix(conf): skip md-*.md staging files in _copy_md_sources
Agent-Logs-Url: https://github.com/vyos/vyos-documentation/sessions/919695a7-688d-41b9-89f0-540684625dbc
Co-authored-by: andamasov <12631358+andamasov@users.noreply.github.com>
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: andamasov <12631358+andamasov@users.noreply.github.com>
|
|
Connectivity (#1673)
* Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP
* Update docs/installation/cloud/azure-ha.rst
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* Added documentation page VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud Connectivity
* Modified diagram name
* Update docs/installation/cloud/aws-to-azure.rst
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
|
Azure, GCP deployment pages (#1668)
* Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP
* Update docs/installation/cloud/azure-ha.rst
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
|
Added blueprint Policy-based Site-to-Site IPsec VPN with Cisco IOS.
Added blueprint Route-based Site-to-Site IPsec VPN with Cisco IOS.
Added blueprint Route-based Site-to-Site IPsec VPN with Palo Alto.
|
|
* Updated site-to-site IPsec VPN documentation
Added general theoretical IPsec documentation.
Changed site-to-site IPsec VPN documentation.
Added steps for configuration.
Added documentation for troubleshooting site-to-site IPsec VPN.
Backported from https://github.com/vyos/vyos-documentation/pull/1653
---------
Co-authored-by: aapostoliuk <aapostoliuk@vyos.io>
Co-authored-by: Daniil Baturin <daniil@baturin.org>
|
|
|
|
Rewrited VyOS deployment for GCP v2
|
|
|
|
|
|
|
|
|
|
(cherry picked from commit 2a6cf7f4981bed8fc56ed4fa31a041b6ebecf1b6)
|
|
about usage of inbound and outbound interface when interface is attached to a non-default vrf.
(cherry picked from commit fe416b56cfa30494172a0310c16fd2787330c7bb)
# Conflicts:
# docs/configexamples/zone-policy.rst
|
|
|
|
Update article about terraform like 1.5
|
|
Rewritten the L2TP documentation
Added the example 'PPPoE over L2TP' to blueprints
(cherry picked from commit 4dd84a7c4d784229209eeb4b0d72457b094e08ce)
|
|
the article about Terraform+AWS+Azure+Ansible+VMware
(cherry picked from commit ac4f69bed71398a278b40b4206a2c993b908cc28)
|
|
Changed from 'hold' to 'trap' and from 'restart' to 'start'
in close-action.
Changed from 'hold' to 'trap' in DPD action.
(cherry picked from commit cfb7e8186d83e45092f361f9717c9542bfad053b)
|
|
(cherry picked from commit 1b1cc7986813c65b608ace38bf497622eb74f1cf)
|
|
|
|
Swapped LAN/DMZ
|
|
|
|
|
|
|
|
An example of how to set up NMP and VyOS using the 'snmp'
|
|
An example of how to set up QOS.
|
|
OpenVPN with LDAP example
|
|
An example of how to set up authorization in the OpenVPN client using LDAP and Active Directory.
|
|
Added VPN IPSec connection-type recommendation for the close-action and
dpd settings.
For example close-action restart should not be added on both peers
|
|
|
|
(cherry picked from commit b09f2222ed6181ba377a41de37a3997559a234c8)
(cherry picked from commit 1205c1e7806d4e84e03aafc94831248cbfa9b1c8)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Wireguard Docs Update
|
|
|
|
|
|
Modified the index files to reflect this.
Added Diagram of the VPN Topology
Modified the weird IP subnets for local& remote sites. This Included:
Changing the Interface Address for the wg01 tunnel
Chaning the WAN addresses to addrs not in the RFC1918 range (1.1.1.1 & 2.2.2.2)
Modifing the allowed IPs and static route to reflect this.
Modified the ping test to reflect this.
Added an annotated verison of the wireguard local&remote config.
Added an example of a firewall exception for wirguard (OUTSIDE_IN)
Modified the explanation for the behavior of AllowedIPs for remote clients.
Added an example of "sudo wg" to the operational commands.
Fixed typo
|
|
There were minimal grammatical and spelling mistakes in the files which I
corrected as documentation proof reading.
Also added information about few ipsec vpn parameters.
|
|
|