-rw-r--r--Makefile7
-rw-r--r--configs/etc/vyconfd.conf19
-rw-r--r--configs/etc/vyos/config.boot.default21
-rw-r--r--data/interface-definitions/system.xml42
-rw-r--r--schema/component_definition.rng83
-rw-r--r--schema/interface_definition.rng230
-rwxr-xr-xscripts/verify-schema.py40
7 files changed, 442 insertions, 0 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..a169332
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,7 @@
+.PHONY:
+verify-definitions:
+ find data/interface-definitions/ -type f -print | xargs scripts/verify-schema.py schema/interface_definition.rng
+
+.PHONY:
+all:
+ verify-definitions
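Review bot: The `verify-definitions` recipe pipes every path from `find` into one `xargs` invocation, but scripts/verify-schema.py in this same commit reads only `sys.argv[2]`, so only the first file of each batch is validated and the rest pass unchecked. Running one file per invocation, whitespace-safe, closes that gap: `find data/interface-definitions/ -type f -print0 | xargs -0 -n 1 scripts/verify-schema.py schema/interface_definition.rng`. Both `.PHONY:` lines name no targets, so nothing is declared phony, and `verify-definitions` under `all:` looks like a recipe line (a shell command) rather than a prerequisite. `.PHONY: all verify-definitions` and `all: verify-definitions` would do what seems intended.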
diff --git a/configs/etc/vyconfd.conf b/configs/etc/vyconfd.conf
new file mode 100644
index 0000000..cf25c92
--- /dev/null
+++ b/configs/etc/vyconfd.conf
@@ -0,0 +1,19 @@
+[appliance]
+
+name = "VyOS"
+
+data_dir = "/usr/share/vyos"
+program_dir = "/usr/libexec/vyos"
+config_dir = "/etc/vyos"
+
+# paths relative to config_dir
+primary_config = "config.boot"
+fallback_config = "config.failsafe"
+
+[vyconf]
+
+socket = "/var/run/vyconfd.sock"
+pid_file = "/var/run/vyconfd.pid"
+log_file = "/var/log/vyconfd.log"
+log_template = "$(date) $(name)[$(pid)]: $(message)"
+log_level = "notice"
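Review bot: The `socket` key in `[vyconf]` names the daemon's control socket under /var/run, and nothing in this file states which owner or mode it is created with. The daemon code is not part of this commit, so this is inferred, but if creation relies on the process umask, any local user may be able to connect to the configuration daemon. A comment above the key would record the expectation, e.g. `# control socket; vyconfd must create it so that only root or the config group can connect`. `log_template` would also benefit from a short comment saying that the `$(...)` placeholders are presumably expanded by vyconfd, since TOML itself does no interpolation.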
diff --git a/configs/etc/vyos/config.boot.default b/configs/etc/vyos/config.boot.default
new file mode 100644
index 0000000..3af63ca
--- /dev/null
+++ b/configs/etc/vyos/config.boot.default
@@ -0,0 +1,21 @@
+system {
+ login {
+ user vyos {
+ encrypted-password "$6$0qH9IPTOUwKTu$H7f3iyivBvvSR1o8TtD6mL/vQcqblEwIjZNu4auYV20r/xhm6JfbCapCb57bvjAMsD3Fmwdxqg0zJpoJMgTUf0";
+ level root;
+ }
+ }
+ host-name vyos;
+ ntp-server [
+ 0.pool.ntp.org;
+ 1.pool.ntp.org;
+ 2.pool.ntp.org
+ ];
+ config-management {
+ commit-revisions 1000;
+ }
+}
+interaces {
+ loopback lo {
+ }
+}
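Review bot: The last top-level node is spelled `interaces {`, so the loopback definition will not land under the interfaces tree; it should read `interfaces {`. The `user vyos` block also ships a fixed `encrypted-password` hash together with `level root`, which means every system booted from this default carries the same root-level credential. A comment in the file stating that the password must be changed (or the hash regenerated) at install or first boot would make that expectation explicit. Whether the installer already enforces it is not visible in this commit.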
diff --git a/data/interface-definitions/system.xml b/data/interface-definitions/system.xml
new file mode 100644
index 0000000..92318a9
--- /dev/null
+++ b/data/interface-definitions/system.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0"?>
+
+<!-- General system options -->
+
+<interfaceDefinition>
+ <node name="system">
+ <children>
+ <leafNode name="host-name">
+ <properties>
+ <help>System host name</help>
+ <constraint>
+ <regex>[a-z]([a-z0-9\-]+)</regex>
+ </constraint>
+ <constraintErrorMessage>Host name must start with a letter and contain only lowercase letters, digits, and hyphens</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="name-server">
+ <properties>
+ <multi/>
+ <help>DNS server</help>
+ <constraint>
+ <validator name="ipv4addr"/>
+ <validator name="ipv6addr"/>
+ </constraint>
+ <constraintErrorMessage>DNS server address must be a valid IPv4 or IPv6 address</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="ntp-server">
+ <properties>
+ <multi/>
+ <help>NTP server</help>
+ <constraint>
+ <validator name="hostname"/>
+ <validator name="ipv4addr"/>
+ <validator name="ipv6addr"/>
+ </constraint>
+ <constraintErrorMessage>NTP server address must be a valid hostname, IPv4, or IPv6 address</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+</interfaceDefinition>
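Review bot: The `host-name` pattern `<regex>[a-z]([a-z0-9\-]+)</regex>` carries no anchors, so whether a value with extra characters before or after a valid name is rejected depends on the matcher applying the pattern to the whole string, which this commit does not show. The pattern also rejects one-letter names (the error message does not say so), accepts a trailing hyphen, and has no length bound. Something like `<regex>^[a-z]([a-z0-9-]{0,61}[a-z0-9])?$</regex>` states the full rule explicitly; if the engine anchors implicitly, the `^` and `$` can be dropped.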
diff --git a/schema/component_definition.rng b/schema/component_definition.rng
new file mode 100644
index 0000000..4dbb5b8
--- /dev/null
+++ b/schema/component_definition.rng
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<grammar xmlns="http://relaxng.org/ns/structure/1.0">
+ <!--
+ component_definition.rnc: VyConf component definition XML grammar
+
+ Copyright (C) 2014,2017 VyOS Development Group <maintainers@vyos.net>
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
+ USA
+ -->
+ <start>
+ <element name="component">
+ <ref name="nameAttr"/>
+ <ref name="versionAttr"/>
+ <zeroOrMore>
+ <ref name="description"/>
+ </zeroOrMore>
+ <zeroOrMore>
+ <ref name="dependencies"/>
+ </zeroOrMore>
+ <ref name="executables"/>
+ </element>
+ </start>
+ <define name="nameAttr">
+ <attribute name="name"/>
+ </define>
+ <define name="versionAttr">
+ <attribute name="version">
+ <ref name="number"/>
+ </attribute>
+ </define>
+ <define name="description">
+ <element name="description">
+ <text/>
+ </element>
+ </define>
+ <define name="dependencies">
+ <element name="dependencies">
+ <oneOrMore>
+ <ref name="dependency"/>
+ </oneOrMore>
+ </element>
+ </define>
+ <define name="dependency">
+ <element name="dependency">
+ <text/>
+ </element>
+ </define>
+ <define name="executables">
+ <element name="executables">
+ <ref name="verify"/>
+ <ref name="update"/>
+ <ref name="apply"/>
+ </element>
+ </define>
+ <define name="verify">
+ <element name="verify">
+ <text/>
+ </element>
+ </define>
+ <define name="update">
+ <element name="update">
+ <text/>
+ </element>
+ </define>
+ <define name="apply">
+ <element name="apply">
+ <text/>
+ </element>
+ </define>
+</grammar>
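Review bot: `versionAttr` contains `<ref name="number"/>`, but this grammar has no `<define name="number">`, so a RELAX NG processor should refuse to load the schema because of the unresolved reference. Replace the ref with a datatype, e.g. `<data type="nonNegativeInteger" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"/>`, or add the missing define. The Makefile in this commit only checks interface definitions, so nothing exercises this schema yet and the error would go unnoticed. The header comment also still names the file `component_definition.rnc`.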
diff --git a/schema/interface_definition.rng b/schema/interface_definition.rng
new file mode 100644
index 0000000..8aa3ed5
--- /dev/null
+++ b/schema/interface_definition.rng
@@ -0,0 +1,230 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<grammar xmlns="http://relaxng.org/ns/structure/1.0">
+ <!--
+ interface_definition.rnc: VyConf reference tree XML grammar
+
+ Copyright (C) 2014 VyOS Development Group <maintainers@vyos.net>
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
+ USA
+ -->
+ <!--
+ The language of this file is compact form RELAX-NG
+ http://relaxng.org/compact-tutorial-20030326.htm
+ (unless converted to XML, then just RELAX-NG :)
+ -->
+ <!-- Interface definition starts with interfaceDefinition tag that may contain node tags -->
+ <start>
+ <element name="interfaceDefinition">
+ <zeroOrMore>
+ <ref name="node"/>
+ </zeroOrMore>
+ </element>
+ </start>
+ <!--
+ node tag may contain node, leafNode, or tagNode tags
+ Those are intermediate configuration nodes that may only contain
+ other nodes and must not have values
+ -->
+ <define name="node">
+ <element name="node">
+ <interleave>
+ <optional>
+ <ref name="ownerAttr"/>
+ </optional>
+ <ref name="nodeNameAttr"/>
+ </interleave>
+ <interleave>
+ <optional>
+ <ref name="properties"/>
+ </optional>
+ <optional>
+ <ref name="children"/>
+ </optional>
+ </interleave>
+ </element>
+ </define>
+ <!--
+ Tag nodes are containers for nodes without predefined names, like network interfaces
+ or user names (e.g. "interfaces ethernet eth0" or "user jrandomhacker")
+ Tag nodes may contain node and leafNode elements, and also nameConstraint tags
+ They must not contain other tag nodes
+ -->
+ <define name="tagNode">
+ <element name="tagNode">
+ <interleave>
+ <optional>
+ <ref name="ownerAttr"/>
+ </optional>
+ <ref name="nodeNameAttr"/>
+ </interleave>
+ <interleave>
+ <optional>
+ <ref name="properties"/>
+ </optional>
+ <ref name="children"/>
+ </interleave>
+ </element>
+ </define>
+ <!--
+ Leaf nodes are terminal configuration nodes that can't have children,
+ but can have values.
+ Leaf node may contain one or more valueConstraint tags
+ If multiple valueConstraint tags are used, they work a logical OR
+ Leaf nodes can have "multi" attribute that indicated that it can have
+ more than one value
+ -->
+ <define name="leafNode">
+ <element name="leafNode">
+ <ref name="nodeNameAttr"/>
+ <ref name="properties"/>
+ </element>
+ </define>
+ <!-- Normal and tag nodes may have children -->
+ <define name="children">
+ <element name="children">
+ <oneOrMore>
+ <choice>
+ <ref name="node"/>
+ <ref name="tagNode"/>
+ <ref name="leafNode"/>
+ </choice>
+ </oneOrMore>
+ </element>
+ </define>
+ <!--
+ Nodes may have properties
+ For simplicity, any property is allowed in any node,
+ but whether they are used or not is implementation-defined
+
+ Leaf nodes may differ in number of values that can be
+ associated with them.
+ By default, a leaf node can have only one value.
+ "multi" tag means a node can have one or more values,
+ "valueless" means it can have no values at all.
+ "hidden" means node visibility can be toggled, eg 'dangerous' commands,
+ "secret" allows a node to hide its value from unprivileged users.
+ -->
+ <define name="properties">
+ <element name="properties">
+ <interleave>
+ <optional>
+ <ref name="help"/>
+ </optional>
+ <optional>
+ <ref name="constraint"/>
+ </optional>
+ <zeroOrMore>
+ <ref name="valueHelp"/>
+ </zeroOrMore>
+ <optional>
+ <element name="constraintErrorMessage">
+ <text/>
+ </element>
+ </optional>
+ <optional>
+ <!-- These are meaningful only for leaf nodes -->
+ <group>
+ <element name="valueless">
+ <empty/>
+ </element>
+ </group>
+ </optional>
+ <optional>
+ <element name="multi">
+ <empty/>
+ </element>
+ </optional>
+ <optional>
+ <element name="hidden">
+ <empty/>
+ </element>
+ </optional>
+ <optional>
+ <element name="secret">
+ <empty/>
+ </element>
+ </optional>
+ <optional>
+ <!-- These are meaningful only for tag nodes -->
+ <group>
+ <element name="keepChildOrder">
+ <empty/>
+ </element>
+ </group>
+ </optional>
+ </interleave>
+ </element>
+ </define>
+ <!-- All nodes must have "name" attribute -->
+ <define name="nodeNameAttr">
+ <attribute name="name"/>
+ </define>
+ <!--
+ Ordinary nodes and tag nodes can have "owner" attribute.
+ Owner is the component that is notified when node changes.
+ -->
+ <define name="ownerAttr">
+ <attribute name="owner"/>
+ </define>
+ <!--
+ Tag and leaf nodes may have constraints on their names and values
+ (respectively).
+ When multiple constraints are listed, they work as logical OR
+ -->
+ <define name="constraint">
+ <element name="constraint">
+ <oneOrMore>
+ <choice>
+ <element name="regex">
+ <text/>
+ </element>
+ <ref name="validator"/>
+ </choice>
+ </oneOrMore>
+ </element>
+ </define>
+ <!-- A constraint may also use an external validator rather than regex -->
+ <define name="validator">
+ <element name="validator">
+ <interleave>
+ <attribute name="name"/>
+ <optional>
+ <attribute name="argument"/>
+ </optional>
+ </interleave>
+ <empty/>
+ </element>
+ </define>
+ <!-- help tags contains brief description of the purpose of the node -->
+ <define name="help">
+ <element name="help">
+ <text/>
+ </element>
+ </define>
+ <!-- valueHelp tags contain information about acceptable value format -->
+ <define name="valueHelp">
+ <element name="valueHelp">
+ <interleave>
+ <element name="format">
+ <text/>
+ </element>
+ <element name="description">
+ <text/>
+ </element>
+ </interleave>
+ </element>
+ </define>
+</grammar>
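Review bot: In the `validator` define, `<attribute name="name"/>` and `<attribute name="argument"/>` accept any text, while the comment above it says these select an external validator. How the name is resolved is not shown here, but if it ends up as a program name or path, the schema is the cheapest place to restrict it, e.g. `<attribute name="name"><data type="string" datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"><param name="pattern">[a-zA-Z0-9_-]+</param></data></attribute>`. Separately, the tagNode comment says tag nodes must not contain other tag nodes, yet `children` allows `tagNode` everywhere, including under a `tagNode`. The header comment describes the file as compact-form RELAX NG although it is written in the XML syntax.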
diff --git a/scripts/verify-schema.py b/scripts/verify-schema.py
new file mode 100755
index 0000000..6976d5e
--- /dev/null
+++ b/scripts/verify-schema.py
@@ -0,0 +1,40 @@
+#!/usr/bin/env python
+#
+# verify_schema.py: simple LXML wrapper for checking XML against
+# a RelaxNG schema.
+#
+# Copyright (C) 2014 VyOS Development Group <maintainers@vyos.net>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
+# USA
+import sys
+
+from lxml import etree as ET
+
+if len(sys.argv) < 2:
+ print("Usage: {0} <RelaxNG schema file> <XML file>".format(sys.argv[0]))
+ sys.exit(1)
+
+schema = sys.argv[1]
+xml_source = sys.argv[2]
+
+xml_tree = ET.parse(xml_source)
+relaxng_xml = ET.parse(schema)
+validator = ET.RelaxNG(relaxng_xml)
+
+if not validator.validate(xml_tree):
+ print(validator.error_log)
+ print("File {0} does not match the schema!".format(xml_source))
+ sys.exit(1)
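Review bot: The usage guard `if len(sys.argv) < 2:` lets a call with only the schema argument through, and `xml_source = sys.argv[2]` then raises IndexError; it should be `if len(sys.argv) < 3:`. Arguments after the second are ignored without any message, which matters because the Makefile recipe in this commit hands the script many files through xargs. Both `ET.parse` calls use lxml's default parser; for files that may come from outside the tree, passing `ET.XMLParser(resolve_entities=False, no_network=True)` as the parser avoids entity expansion during validation.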