From 3edf063d4d27d6132c67024b9560c0075fe7a48e Mon Sep 17 00:00:00 2001 From: Yuriy Andamasov Date: Wed, 6 May 2026 21:08:17 +0300 Subject: feat: flip swap mechanism on circinus — MD as primary, RST as override MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Mirror of #1899 for circinus. Same logic, same scripts, per-branch file set. Changes: - Rename docs/**/md-.md to docs/**/.md (drop md- prefix) for all 253 stems previously listed in docs/_swap.txt - Rename docs/**/.rst to docs/**/rst-.rst (add rst- prefix) for the same 253 stems - Repurpose docs/_swap.txt as docs/_rst_overrides.txt; initially empty - conf.py exclude_patterns flipped: rst-*.rst excluded by default - conf.py runtime-artifact references updated to _rst_override_state.json and _md_exclude.txt - scripts/swap_sources.py rewritten with inverted rename direction (rst-.rst → .rst when applying overrides; .md excluded via _md_exclude.txt) - scripts/import_myst.py and tests/test_import_myst.py deleted (obsolete) - tests/test_swap_sources.py rewritten for new semantics Identical change set to #1899 (current). Per-branch differences: - circinus has 253 stems vs current's 254 (suricata is current-only) - otherwise the script/conf.py/test changes are byte-identical with current Generated by robots https://vyos.io --- docs/configuration/service/md-https.md | 138 --------------------------------- 1 file changed, 138 deletions(-) delete mode 100644 docs/configuration/service/md-https.md (limited to 'docs/configuration/service/md-https.md') diff --git a/docs/configuration/service/md-https.md b/docs/configuration/service/md-https.md deleted file mode 100644 index 184fd088..00000000 --- a/docs/configuration/service/md-https.md +++ /dev/null @@ -1,138 +0,0 @@ -(http-api)= - -# HTTP API - -VyOS provide an HTTP API. You can use it to execute op-mode commands, -update VyOS, set or delete config. - -Please take a look at the {ref}`vyosapi` page for an detailed how-to. - -## Configuration - -```{cfgcmd} set service https allow-client address \ - -Only allow certain IP addresses or prefixes to access the https -webserver. -``` - -```{cfgcmd} set service https certificates ca-certificate \ - -Use CA certificate from PKI subsystem -``` - -```{cfgcmd} set service https certificates certificate \ - -Use certificate from PKI subsystem -``` - -```{cfgcmd} set service https certificates dh-params \ - -Use {abbr}`DH (Diffie–Hellman)` parameters from PKI subsystem. -Must be at least 2048 bits in length. -``` - -```{cfgcmd} set service https listen-address \ - -Webserver should only listen on specified IP address -``` - -```{cfgcmd} set service https port \ - -Webserver should listen on specified port. - -Default: 443 -``` - -```{cfgcmd} set service https enable-http-redirect - -Enable automatic redirect from http to https. -``` - -```{cfgcmd} set service https tls-version \<1.2 | 1.3\> - -Select TLS version used. - -This defaults to both 1.2 and 1.3. -``` - -```{cfgcmd} set service https vrf \ - -Start Webserver in given VRF. -``` - -```{cfgcmd} set service https request-body-size-limit \ - -Set the maximum request body size in megabytes. Default is 1MB. -``` - - -### API - -```{cfgcmd} set service https api keys id \ key \ - -Set a named api key. Every key has the same, full permissions -on the system. -``` - - -### REST - -```{cfgcmd} set service https api rest - -Enable REST API -``` - -```{cfgcmd} set service https api rest debug - -To enable debug messages. Available via {opcmd}`show log` or -{opcmd}`monitor log` -``` - -```{cfgcmd} set service https api rest strict - -Enforce strict path checking. -``` - - -### GraphQL - -```{cfgcmd} set service https api graphql introspection - -Enable GraphQL Schema introspection. -``` - -:::{note} -Do not leave introspection enabled in production, it is a security risk. -::: - -```{cfgcmd} set service https api graphql authentication type \ - -Set the authentication type for GraphQL, default option is key. Available options are: -* ``key`` use API keys configured in ``service https api keys`` -* ``token`` use JWT tokens. -``` - -```{cfgcmd} set service https api graphql authentication expiration - -Set the lifetime for JWT tokens in seconds. Default is 3600 seconds. -``` - -```{cfgcmd} set service https api graphql authentication secret-length - -Set the byte length of the JWT secret. Default is 32. -``` - -```{cfgcmd} set service https api graphql cors allow-origin \ - -Allow cross-origin requests from \. -``` - - -## Example Configuration - -Setting REST API and an API-KEY is the minimal configuration to get a working API Endpoint. - -```none -set service https api keys id MY-HTTPS-API-ID key MY-HTTPS-API-PLAINTEXT-KEY -set service https api rest -``` -- cgit v1.2.3