summaryrefslogtreecommitdiff
path: root/docs/_static
AgeCommit message (Collapse)Author
2026-06-17Fix Cookiebot consent dialog rendering unstyled and breaking the page ↵1.4mergify[bot]
(#2108) (#2110) On a fresh (no-consent) load the consent banner could render completely unstyled and expand to full page height. Cookiebot delivers its dialog CSS as a constructed stylesheet on document.adoptedStyleSheets; ReadTheDocs' readthedocs-addons.js reassigns that whole-array property with a destructive replace, and when that lands after Cookiebot's network-gated adoption it drops Cookiebot's sheet, leaving #CybotCookiebotDialog at position:static expanded to ~6700px. It is a race, so it is intermittent and clears once consent is given (the dialog then never renders). - layout.html: a small adoptedStyleSheets shim, installed before any page script, that preserves Cookiebot's sheet so another library cannot drop it. - custom.css: a leak-safe safety net that keeps the dialog contained even if its adopted sheet is ever absent. It uses only properties Cookiebot itself sets, so it has verifiably no effect on the normal, styled banner. 🤖 Generated by [robots](https://vyos.io) (cherry picked from commit dce7bb521e3947af59fe18895b609ec353e0450e) Co-authored-by: Yuriy Andamasov <yuriy@vyos.io>
2026-05-07fix(css): increase copyFailedNotifier specificity to override copyDiv base styleYuriy Andamasov
🤖 Generated by [robots](https://vyos.io)
2026-05-07fix(codecopier): guard UI updates against out-of-order async completionsYuriy Andamasov
Rapid re-clicks queue multiple `navigator.clipboard.writeText` promises; without a request token, an older promise resolving later can overwrite the newer click's UI (or have its 2-second timeout fire on the new click's state). Add a per-button `copyRequestId` that each click increments and captures locally; the success/failure UI flip and the revert-timeout body all bail out early if the captured token no longer matches the current one. Addresses CodeRabbit review feedback on PR #1890. \xf0\x9f\xa4\x96 Generated by [robots](https://vyos.io)
2026-05-07fix(codecopier): prevent state class crossover on rapid re-clicksYuriy Andamasov
Reset both notifier classes and cancel any pending revert timeout at the start of each click so a fast failure-then-success (or vice versa) can't leave `copiedNotifier` and `copyFailedNotifier` applied simultaneously, and so the 2-second auto-revert window restarts cleanly per click. Addresses Copilot review feedback on PR #1890. 🤖 Generated by [robots](https://vyos.io)
2026-05-07fix(codecopier): exclude Copy label from clipboard and stop showing false ↵Yuriy Andamasov
success Two real bugs in the docs site copy-to-clipboard handler, both flagged by copilot review on PR #1886 (deferred there because that PR is scoped to typos). Bug 1: Copy label leaked into copied snippets on narrow screens The handler read `currentTarget.offsetParent.innerText`. The same handler appends a visible `.copyDiv` (with a 'Copy' <p>) into that container. Below the 992px breakpoint the label is visible (see code-snippets.css .copyDiv > p) so users got 'Copy' appended to every copied snippet. Fix: extract text from the <pre> element inside the container instead, which excludes the injected button. Also switched the lookup root from `offsetParent` to `parentElement` so the source-of-truth is the DOM relationship (the .copyDiv is inserted as a beforeend child of the inner .highlight div via insertAdjacentHTML), not CSS positioning. Bug 2: Failed clipboard writes still showed 'Copied!' The try/catch only logged on failure but the surrounding code still flipped the button into the copiedNotifier success state. Users got false success when writeText rejected (insecure context, permission denied, etc.). Fix: move the success UI flip inside the try, add an explicit failure UI flip ('Failed' text + new `.copyFailedNotifier` class with red background) in the catch. setTimeout still reverts both classes after 2s. Verified in browser with a sphinx-rendered fixture (jQuery 3.7 + Pygments output): both snippets copy their own text without the Copy label, success flow shows Copied!, simulated writeText rejection shows Failed, both states revert after 2s. 🤖 Generated by [robots](https://vyos.io)
2026-05-06feat: import MyST swap mechanism + content for sagitta (replaces #1886)Yuriy Andamasov
Replaces the broken #1886 with a fresh, properly-converted MyST set for the sagitta (1.4.x) docs, mirroring what landed for circinus via #1897. This PR: - Re-imports 210 md-*.md files for sagitta. Source: ran the pipelines rst-to-myst converter (chrisjsewell/rst-to-myst v0.4.0, with pandoc fallback) on sagittas RST. Post-processed via the pipelines postprocess stage (10 ordered fixes for blanks, admonitions, label hyphens, pandoc artifacts, structural blanks, linter markers). Compared to the broken #1886 content (which was left over from an earlier stage-1-only run): zero raw `<div class=>` remnants. - For 23 stems where sagittas RST is byte-identical with currents RST (mostly stable policy/protocol pages and the 404 page), reuses currents already-validated md-*.md content rather than re-converting. - Drops cli and installation/cloud/aws from sagittas swap set: their RST has SEVERE/4 "Title level inconsistent" errors that crash rst-to-myst; they need an independent RST-source fix and are kept as RST-only for now. - Adds the per-page swap mechanism: scripts/swap_sources.py, scripts/import_myst.py, the matching tests under tests/, _swap.txt with 210 stems, _ext/vyos.py MyST renderer fallback, Makefile swap-wrapped targets, .readthedocs.yml swap pre/post hooks. - Adds 187 .webp images and removes 235 superseded .jpg/.png/.jpeg static assets; flips html_logo to vyos-logo.webp. - Adds the MyST swap-related blocks to docs/conf.py only: myst_enable_extensions, myst_fence_as_directive, md-*.md exclude patterns, _swap_exclude.txt reader, _prefer_webp and _copy_md_sources setup hooks. github_version fallback set to 'sagitta' to match the branch (parallel to currents 'current' and circinuss 'circinus'). Deliberately excluded (per user direction): - llms.txt and sphinx-llms-txt / sphinx-sitemap config: these will land separately for sagitta via #1870 plus a new sagitta-specific llms.txt template PR. The conf.py here does not pull those extensions in, so the build does not depend on the new pip packages. Verification before pushing: - 210 md-*.md = 210 _swap.txt stems = 210 RST siblings on sagitta (1:1:1). - 0 files contain raw `<div class=` (the breakage that took down /en/1.5/). - conf.py copyright/version/release preserve sagittas values (2024 / 1.4 / "1.4.x (sagitta)") - not currents. - html_title from currents conf.py removed - PR #1880 is the right place for sagittas branch-localized title. Supersedes / closes on merge: - #1886 (broken converter output, would break /en/1.4/ if merged). Generated by robots https://vyos.io
2026-05-06Revert "Add incremental RST-to-MyST swap mechanism (sagitta) (#1868)" (#1894)Daniil Baturin
This reverts commit 22e34ce5aee24d2fd11f8205522ab7ecdb3c4c5e.
2026-05-06Add incremental RST-to-MyST swap mechanism (sagitta) (#1868)Yuriy Andamasov
* feat(swap-sagitta): add incremental RST-to-MyST swap mechanism Backport of the swap mechanism from feat/incremental-myst-swap onto the sagitta release branch. Built directly on top of origin/sagitta, so the underlying RST tree is sagitta's (not current's). Mechanism: - scripts/import_myst.py — import md from myst/* with md- prefix - scripts/swap_sources.py — rename md-{name}.md → {name}.md before Sphinx builds, restore after; writes _build/_swap_state.json and _build/_swap_exclude.txt - docs/Makefile — html/dirhtml/pdf/livehtml all run swap → build → trap restore; explicit `swap` and `restore` targets too - docs/conf.py — MyST extensions enabled; swap exclude_patterns loader; _prefer_webp builder hook so html prefers webp over png Content: - 202 md-prefixed pages from origin/myst/sagitta (md-{name}.md alongside each {name}.rst counterpart) - 1 plain MyST-only page from myst/sagitta where no .rst exists (already at canonical name on sagitta: docs/copyright.md) - 240 .webp images from myst/sagitta (added alongside the existing PNG/JPG so RST builds keep their assets) - docs/_swap.txt populated with all 202 stems → MyST is served by default, revert a page by removing its stem from _swap.txt 🤖 Generated by [robots](https://vyos.io) * feat(conf): copy .md sources into HTML output for plain-text serving Adds a build-finished hook that mirrors every .md file from the Sphinx source tree into the HTML output directory verbatim, making unrendered MyST sources accessible alongside HTML renders at the same URL path. 🤖 Generated by [robots](https://vyos.io) * docs: address review feedback (backport from PR #1857) Fix conversion artifacts, typos, and technical inaccuracies applicable to the sagitta branch: curly quotes, typos (deamonless, cammans, amdifferent, trough), incorrect firewall command paths, missing closing brace in zone-policy, peer name inconsistencies, hardcoded passwords replaced with vault references, and md-*.md exclusion in conf.py. 🤖 Generated by [robots](https://vyos.io) * docs: port .readthedocs.yml jobs, _ext/vyos.py fallback and swap-script tests from PR #1857 Parity backport from PR #1857 (current) — three pieces were missing on sagitta. - .readthedocs.yml: add build.jobs.pre_build / post_build hooks that run scripts/swap_sources.py --swap before the Sphinx build and --restore after. Without this, the swap mechanism ships but never runs on RTD builds for this branch — the swap is a silent no-op. - docs/_ext/vyos.py: CmdInclude.run() now falls back to nested_parse() when self.state._renderer is not present. Required for cfgcmd / opcmd / cmdincludemd directives to render correctly when included from MyST pages (the swap mechanism's whole point). Sagitta-only delta on _ext/vyos.py (the path = str(path) line on 224) is intentionally untouched. - tests/test_import_myst.py, tests/test_swap_sources.py: tests for the swap scripts. The scripts on this branch are byte-identical to current's, so the same tests apply. Travels with the branch so CI catches per-branch regressions if the scripts ever drift. 🤖 Generated by [robots](https://vyos.io) * fix(conf): skip md-*.md staging files in _copy_md_sources Agent-Logs-Url: https://github.com/vyos/vyos-documentation/sessions/919695a7-688d-41b9-89f0-540684625dbc Co-authored-by: andamasov <12631358+andamasov@users.noreply.github.com> --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: andamasov <12631358+andamasov@users.noreply.github.com>
2025-08-28Documentation VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud ↵Aslan Hajiyev
Connectivity (#1673) * Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP * Update docs/installation/cloud/azure-ha.rst Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Added documentation page VyOS Deployment on AWS and Azure for Secure Cloud-to-Cloud Connectivity * Modified diagram name * Update docs/installation/cloud/aws-to-azure.rst Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-08-20Added AWS/Azure HA deployment documentation for and modified titles of AWS, ↵Aslan Hajiyev
Azure, GCP deployment pages (#1668) * Added documentation pages for AWS/Azure HA deployment and modified pages AWS,Azure,GCP * Update docs/installation/cloud/azure-ha.rst Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-08-12Added IPSec blueprints with Cisco and PA (#1667)aapostoliuk
Added blueprint Policy-based Site-to-Site IPsec VPN with Cisco IOS. Added blueprint Route-based Site-to-Site IPsec VPN with Cisco IOS. Added blueprint Route-based Site-to-Site IPsec VPN with Palo Alto.
2025-07-28Updated site-to-site IPsec VPN documentation (#1660)aapostoliuk
* Updated site-to-site IPsec VPN documentation Added general theoretical IPsec documentation. Changed site-to-site IPsec VPN documentation. Added steps for configuration. Added documentation for troubleshooting site-to-site IPsec VPN. Backported from https://github.com/vyos/vyos-documentation/pull/1653 --------- Co-authored-by: aapostoliuk <aapostoliuk@vyos.io> Co-authored-by: Daniil Baturin <daniil@baturin.org>
2025-07-21Updated the installation page with latest information (#1659)srividya0208
2025-04-23Rewrited VyOS deployment for GCPaslanvyos
Rewrited VyOS deployment for GCP v2
2025-01-03Rewrited VyOS deployment for Azureaslanvyos
2024-12-24Rewrited VyOS deployment for AWSaslanvyos
2024-12-20Add files via uploadAslan Hajiyev
2024-12-20Add files via uploadAslan Hajiyev
2024-07-21Add initial hardware platform Gowin GW-FN-1UR1-10GChristian Breunig
(cherry picked from commit 2a6cf7f4981bed8fc56ed4fa31a041b6ebecf1b6)
2024-06-18Configuration Blueprints: add new example for firewall+vrf. Also, add note ↵Nicolas Fort
about usage of inbound and outbound interface when interface is attached to a non-default vrf. (cherry picked from commit fe416b56cfa30494172a0310c16fd2787330c7bb) # Conflicts: # docs/configexamples/zone-policy.rst
2024-05-28Enable new design on sagittarebortg
2024-03-14Update article about terraform in saggitamkorobeinikov
Update article about terraform like 1.5
2024-02-26Rewritten the L2TP documentationaapostoliuk
Rewritten the L2TP documentation Added the example 'PPPoE over L2TP' to blueprints (cherry picked from commit 4dd84a7c4d784229209eeb4b0d72457b094e08ce)
2024-02-08the article about Terraformmkorobeinikov
the article about Terraform+AWS+Azure+Ansible+VMware (cherry picked from commit ac4f69bed71398a278b40b4206a2c993b908cc28)
2024-01-22Updated DPD and close-action values in IPSECaapostoliuk
Changed from 'hold' to 'trap' and from 'restart' to 'start' in close-action. Changed from 'hold' to 'trap' in DPD action. (cherry picked from commit cfb7e8186d83e45092f361f9717c9542bfad053b)
2024-01-11added new NPTv6/DHCPv6 exampleTrae Santiago
(cherry picked from commit 1b1cc7986813c65b608ace38bf497622eb74f1cf)
2023-11-23backport Firewall docs from masterrebortg
2023-04-11Merge pull request #986 from josenj/masterRobert Göhler
Swapped LAN/DMZ
2023-04-11Merge branch 'master' into sr-mpls-correctionRobert Göhler
2023-04-11Swapped LAN/DMZJose Negron
2023-03-28Segment-rounting : Add documentation about segment-routing mpls on VyOSfett0
2023-03-27NMP and VyOS example articlemkorobeinikov
An example of how to set up NMP and VyOS using the 'snmp'
2023-02-24QoS example articlemkorobeinikov
An example of how to set up QOS.
2023-01-30Merge pull request #936 from mkorobeinikov/masterRobert Göhler
OpenVPN with LDAP example
2023-01-29OpenVPN with LDAP examplemkorobeinikov
An example of how to set up authorization in the OpenVPN client using LDAP and Active Directory.
2022-12-26ipsec_closeaction: added recommendation for closeaction optionssrividya0208
Added VPN IPSec connection-type recommendation for the close-action and dpd settings. For example close-action restart should not be added on both peers
2022-10-01Password recovery proceduregoodNETnick
2022-08-16add :defaultvalue: optionrebortg
(cherry picked from commit b09f2222ed6181ba377a41de37a3997559a234c8) (cherry picked from commit 1205c1e7806d4e84e03aafc94831248cbfa9b1c8)
2022-04-20add apendix-b and topology imageL. Repetto
2022-04-01add sphinx panels and create 6 panels on index.rstrebortg
2022-03-28coverage: fix cssrebortg
2022-03-24improve coverage layoutrebortg
2021-12-01L3VPN hub and spoke topoekhudiyev
2021-07-31added diagram & annotated commands for openvpn serverusman-umer
2021-07-13Merge pull request #566 from usman-umer/update-wireguardRobert Göhler
Wireguard Docs Update
2021-07-12updated diagram, updated sudo wg, fixed heading sizes, replaced pub IPsusman-umer
2021-07-11vrf: add example for route-leakingChristian Poessinger
2021-07-10 Moved wireguard from the interfaces to vpn directory, as it is a VPN.usman-umer
Modified the index files to reflect this. Added Diagram of the VPN Topology Modified the weird IP subnets for local& remote sites. This Included: Changing the Interface Address for the wg01 tunnel Chaning the WAN addresses to addrs not in the RFC1918 range (1.1.1.1 & 2.2.2.2) Modifing the allowed IPs and static route to reflect this. Modified the ping test to reflect this. Added an annotated verison of the wireguard local&remote config. Added an example of a firewall exception for wirguard (OUTSIDE_IN) Modified the explanation for the behavior of AllowedIPs for remote clients. Added an example of "sudo wg" to the operational commands. Fixed typo
2021-06-30configuration page: corrected spelling and grammatical mistakessrividya0208
There were minimal grammatical and spelling mistakes in the files which I corrected as documentation proof reading. Also added information about few ipsec vpn parameters.
2021-05-10Template: correct mobil version template designrebortg