-rw-r--r-- | Makefile | 7 | ||||
-rw-r--r-- | configs/etc/vyconfd.conf | 19 | ||||
-rw-r--r-- | configs/etc/vyos/config.boot.default | 21 | ||||
-rw-r--r-- | data/interface-definitions/system.xml | 42 | ||||
-rw-r--r-- | schema/component_definition.rng | 83 | ||||
-rw-r--r-- | schema/interface_definition.rng | 230 | ||||
-rwxr-xr-x | scripts/verify-schema.py | 40 |
7 files changed, 442 insertions, 0 deletions
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..a169332
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,7 @@
+.PHONY:
+verify-definitions:
+ find data/interface-definitions/ -type f -print | xargs scripts/verify-schema.py schema/interface_definition.rng
+
+.PHONY:
+all:
+ verify-definitions
diff --git a/configs/etc/vyconfd.conf b/configs/etc/vyconfd.conf
new file mode 100644
index 0000000..cf25c92
--- /dev/null
+++ b/configs/etc/vyconfd.conf
@@ -0,0 +1,19 @@
+[appliance]
+
+name = "VyOS"
+
+data_dir = "/usr/share/vyos"
+program_dir = "/usr/libexec/vyos"
+config_dir = "/etc/vyos"
+
+# paths relative to config_dir
+primary_config = "config.boot"
+fallback_config = "config.failsafe"
+
+[vyconf]
+
+socket = "/var/run/vyconfd.sock"
+pid_file = "/var/run/vyconfd.pid"
+log_file = "/var/log/vyconfd.log"
+log_template = "$(date) $(name)[$(pid)]: $(message)"
+log_level = "notice"
diff --git a/configs/etc/vyos/config.boot.default b/configs/etc/vyos/config.boot.default
new file mode 100644
index 0000000..3af63ca
--- /dev/null
+++ b/configs/etc/vyos/config.boot.default
@@ -0,0 +1,21 @@
+system {
+ login {
+ user vyos {
+ encrypted-password "$6$0qH9IPTOUwKTu$H7f3iyivBvvSR1o8TtD6mL/vQcqblEwIjZNu4auYV20r/xhm6JfbCapCb57bvjAMsD3Fmwdxqg0zJpoJMgTUf0";
+ level root;
+ }
+ }
+ host-name vyos;
+ ntp-server [
+ 0.pool.ntp.org;
+ 1.pool.ntp.org;
+ 2.pool.ntp.org
+ ];
+ config-management {
+ commit-revisions 1000;
+ }
+}
+interaces {
+ loopback lo {
+ }
+}
diff --git a/data/interface-definitions/system.xml b/data/interface-definitions/system.xml
new file mode 100644
index 0000000..92318a9
--- /dev/null
+++ b/data/interface-definitions/system.xml
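Review bot: Only the first definition file is ever validated by the `verify-definitions` recipe in the Makefile: xargs appends every path it receives to a single `scripts/verify-schema.py` call, and that script (added further down in this commit) reads just `sys.argv[2]`, so a malformed second file would pass unnoticed. Running one file per invocation closes the gap and also copes with unusual file names: `find data/interface-definitions/ -type f -print0 | xargs -0 -n 1 scripts/verify-schema.py schema/interface_definition.rng`. Both `.PHONY:` lines list no targets, so nothing is declared phony; they should read `.PHONY: verify-definitions` and `.PHONY: all`. The line under `all:` looks like a recipe rather than a prerequisite (indentation is lost on this page), in which case make would try to run a command called verify-definitions; `all: verify-definitions` is probably what was meant.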
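Review bot: The `[vyconf]` section of configs/etc/vyconfd.conf gives the control socket a path but nothing that says who may connect to it; there is no owner, group or mode setting next to `socket = "/var/run/vyconfd.sock"`. If the daemon creates the socket under its default umask, access to configuration changes would depend on that umask rather than on a reviewed setting; this is inferred, since the daemon code is not part of this commit. A comment above `socket` stating the intended owner and mode would make the access model visible to whoever packages the daemon. The placeholders in `log_template` would likewise benefit from a one-line comment listing the names the daemon substitutes.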
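Review bot: configs/etc/vyos/config.boot.default ships a fixed `encrypted-password` hash with a constant salt for user `vyos` at `level root`, so every system booted from this file accepts the same root-level credential until someone changes it. Generating the hash at install or first boot, or keeping the account locked until a password is set, would avoid a shared default; whichever is chosen should be documented alongside this file. Separately, the last block is spelled `interaces {`; unless the loader ignores unknown top-level nodes, the loopback definition will be rejected or silently dropped, and the line should read `interfaces {`.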
@@ -0,0 +1,42 @@
+<?xml version="1.0"?>
+
+<!-- General system options -->
+
+<interfaceDefinition>
+ <node name="system">
+ <children>
+ <leafNode name="host-name">
+ <properties>
+ <help>System host name</help>
+ <constraint>
+ <regex>[a-z]([a-z0-9\-]+)</regex>
+ </constraint>
+ <constraintErrorMessage>Host name must start with a letter and contain only lowercase letters, digits, and hyphens</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="name-server">
+ <properties>
+ <multi/>
+ <help>DNS server</help>
+ <constraint>
+ <validator name="ipv4addr"/>
+ <validator name="ipv6addr"/>
+ </constraint>
+ <constraintErrorMessage>DNS server address must be a valid IPv4 or IPv6 address</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ <leafNode name="ntp-server">
+ <properties>
+ <multi/>
+ <help>NTP server</help>
+ <constraint>
+ <validator name="hostname"/>
+ <validator name="ipv4addr"/>
+ <validator name="ipv6addr"/>
+ </constraint>
+ <constraintErrorMessage>NTP server address must be a valid hostname, IPv4, or IPv6 address</constraintErrorMessage>
+ </properties>
+ </leafNode>
+ </children>
+ </node>
+</interfaceDefinition>
diff --git a/schema/component_definition.rng b/schema/component_definition.rng
new file mode 100644
index 0000000..4dbb5b8
--- /dev/null
+++ b/schema/component_definition.rng
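Review bot: The `host-name` constraint `[a-z]([a-z0-9\-]+)` in system.xml is only as strict as the matcher that applies it: if the regex is searched rather than matched against the whole value (the matching code is not part of this commit), any string that merely contains two such characters passes, including values with spaces or shell metacharacters. It also rejects single-letter names, allows a trailing hyphen and sets no length limit, whereas a DNS label is at most 63 characters and must not end in a hyphen. Something like `<regex>[a-z]([a-z0-9\-]{0,61}[a-z0-9])?</regex>`, together with a statement in the schema comments that regex constraints are anchored at both ends, would cover this. The `constraintErrorMessage` would then need matching wording about length and the final character.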
@@ -0,0 +1,83 @@ +<?xml version="1.0" encoding="UTF-8"?> +<grammar xmlns="http://relaxng.org/ns/structure/1.0"> + <!-- + component_definition.rnc: VyConf component definition XML grammar + + Copyright (C) 2014,2017 VyOS Development Group <maintainers@vyos.net> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 + USA + --> + <start> + <element name="component"> + <ref name="nameAttr"/> + <ref name="versionAttr"/> + <zeroOrMore> + <ref name="description"/> + </zeroOrMore> + <zeroOrMore> + <ref name="dependencies"/> + </zeroOrMore> + <ref name="executables"/> + </element> + </start> + <define name="nameAttr"> + <attribute name="name"/> + </define> + <define name="versionAttr"> + <attribute name="version"> + <ref name="number"/> + </attribute> + </define> + <define name="description"> + <element name="description"> + <text/> + </element> + </define> + <define name="dependencies"> + <element name="dependencies"> + <oneOrMore> + <ref name="dependency"/> + </oneOrMore> + </element> + </define> + <define name="dependency"> + <element name="dependency"> + <text/> + </element> + </define> + <define name="executables"> + <element name="executables"> + <ref name="verify"/> + <ref name="update"/> + <ref name="apply"/> + </element> + </define> + <define name="verify"> + <element name="verify"> + <text/> + </element> + 
</define> + <define name="update"> + <element name="update"> + <text/> + </element> + </define> + <define name="apply"> + <element name="apply"> + <text/> + </element> + </define> +</grammar> diff --git a/schema/interface_definition.rng b/schema/interface_definition.rng new file mode 100644 index 0000000..8aa3ed5 --- /dev/null +++ b/schema/interface_definition.rng 
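Review bot: `versionAttr` in component_definition.rng refers to `<ref name="number"/>`, but the grammar contains no `<define name="number">`, so a RELAX NG processor should refuse to load this schema. Nothing in the Makefile exercises this file, which is probably why it went unnoticed. Adding `<define name="number"><data type="integer"/></define>` together with `datatypeLibrary="http://www.w3.org/2001/XMLSchema-datatypes"` on `<grammar>` would resolve it. The `verify`, `update` and `apply` elements are free text that presumably names programs to run; a comment stating whether they are bare names resolved under `program_dir` or arbitrary paths would help whoever writes the loader.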
@@ -0,0 +1,230 @@ +<?xml version="1.0" encoding="UTF-8"?> +<grammar xmlns="http://relaxng.org/ns/structure/1.0"> + <!-- + interface_definition.rnc: VyConf reference tree XML grammar + + Copyright (C) 2014 VyOS Development Group <maintainers@vyos.net> + + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + This library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this library; if not, write to the Free Software + Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 + USA + --> + <!-- + The language of this file is compact form RELAX-NG + http://relaxng.org/compact-tutorial-20030326.htm + (unless converted to XML, then just RELAX-NG :) + --> + <!-- Interface definition starts with interfaceDefinition tag that may contain node tags --> + <start> + <element name="interfaceDefinition"> + <zeroOrMore> + <ref name="node"/> + </zeroOrMore> + </element> + </start> + <!-- + node tag may contain node, leafNode, or tagNode tags + Those are intermediate configuration nodes that may only contain + other nodes and must not have values + --> + <define name="node"> + <element name="node"> + <interleave> + <optional> + <ref name="ownerAttr"/> + </optional> + <ref name="nodeNameAttr"/> + </interleave> + <interleave> + <optional> + <ref name="properties"/> + </optional> + <optional> + <ref name="children"/> + </optional> + </interleave> + </element> + </define> + <!-- + Tag nodes are containers for nodes without predefined names, like network interfaces + or user names (e.g. 
"interfaces ethernet eth0" or "user jrandomhacker") + Tag nodes may contain node and leafNode elements, and also nameConstraint tags + They must not contain other tag nodes + --> + <define name="tagNode"> + <element name="tagNode"> + <interleave> + <optional> + <ref name="ownerAttr"/> + </optional> + <ref name="nodeNameAttr"/> + </interleave> + <interleave> + <optional> + <ref name="properties"/> + </optional> + <ref name="children"/> + </interleave> + </element> + </define> + <!-- + Leaf nodes are terminal configuration nodes that can't have children, + but can have values. + Leaf node may contain one or more valueConstraint tags + If multiple valueConstraint tags are used, they work a logical OR + Leaf nodes can have "multi" attribute that indicated that it can have + more than one value + --> + <define name="leafNode"> + <element name="leafNode"> + <ref name="nodeNameAttr"/> + <ref name="properties"/> + </element> + </define> + <!-- Normal and tag nodes may have children --> + <define name="children"> + <element name="children"> + <oneOrMore> + <choice> + <ref name="node"/> + <ref name="tagNode"/> + <ref name="leafNode"/> + </choice> + </oneOrMore> + </element> + </define> + <!-- + Nodes may have properties + For simplicity, any property is allowed in any node, + but whether they are used or not is implementation-defined + + Leaf nodes may differ in number of values that can be + associated with them. + By default, a leaf node can have only one value. + "multi" tag means a node can have one or more values, + "valueless" means it can have no values at all. + "hidden" means node visibility can be toggled, eg 'dangerous' commands, + "secret" allows a node to hide its value from unprivileged users. 
+ --> + <define name="properties"> + <element name="properties"> + <interleave> + <optional> + <ref name="help"/> + </optional> + <optional> + <ref name="constraint"/> + </optional> + <zeroOrMore> + <ref name="valueHelp"/> + </zeroOrMore> + <optional> + <element name="constraintErrorMessage"> + <text/> + </element> + </optional> + <optional> + <!-- These are meaningful only for leaf nodes --> + <group> + <element name="valueless"> + <empty/> + </element> + </group> + </optional> + <optional> + <element name="multi"> + <empty/> + </element> + </optional> + <optional> + <element name="hidden"> + <empty/> + </element> + </optional> + <optional> + <element name="secret"> + <empty/> + </element> + </optional> + <optional> + <!-- These are meaningful only for tag nodes --> + <group> + <element name="keepChildOrder"> + <empty/> + </element> + </group> + </optional> + </interleave> + </element> + </define> + <!-- All nodes must have "name" attribute --> + <define name="nodeNameAttr"> + <attribute name="name"/> + </define> + <!-- + Ordinary nodes and tag nodes can have "owner" attribute. + Owner is the component that is notified when node changes. + --> + <define name="ownerAttr"> + <attribute name="owner"/> + </define> + <!-- + Tag and leaf nodes may have constraints on their names and values + (respectively). 
+ When multiple constraints are listed, they work as logical OR + --> + <define name="constraint"> + <element name="constraint"> + <oneOrMore> + <choice> + <element name="regex"> + <text/> + </element> + <ref name="validator"/> + </choice> + </oneOrMore> + </element> + </define> + <!-- A constraint may also use an external validator rather than regex --> + <define name="validator"> + <element name="validator"> + <interleave> + <attribute name="name"/> + <optional> + <attribute name="argument"/> + </optional> + </interleave> + <empty/> + </element> + </define> + <!-- help tags contains brief description of the purpose of the node --> + <define name="help"> + <element name="help"> + <text/> + </element> + </define> + <!-- valueHelp tags contain information about acceptable value format --> + <define name="valueHelp"> + <element name="valueHelp"> + <interleave> + <element name="format"> + <text/> + </element> + <element name="description"> + <text/> + </element> + </interleave> + </element> + </define> +</grammar> diff --git a/scripts/verify-schema.py b/scripts/verify-schema.py new file mode 100755 index 0000000..6976d5e --- /dev/null +++ b/scripts/verify-schema.py 
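Review bot: The `validator` element in interface_definition.rng accepts any string in its `name` attribute, and the comment above it says it names an external validator. If the daemon turns that name into a path to execute (not shown in this commit), the schema is the natural place to restrict it to a bare program name, for example `<attribute name="name"><data type="token"><param name="pattern">[a-z0-9\-]+</param></data></attribute>` with the XSD datatype library declared on `<grammar>`. The `properties` interleave also lets one leaf carry both `valueless` and `multi`, which contradict each other; a `<choice>` between the two would reject that combination. The comments still speak of `nameConstraint` and `valueConstraint` tags and of compact syntax, while the grammar defines a single `constraint` element in XML form.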
@@ -0,0 +1,40 @@
+#!/usr/bin/env python
+#
+# verify_schema.py: simple LXML wrapper for checking XML against
+# a RelaxNG schema.
+#
+# Copyright (C) 2014 VyOS Development Group <maintainers@vyos.net>
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
+# USA
+import sys
+
+from lxml import etree as ET
+
+if len(sys.argv) < 2:
+ print("Usage: {0} <RelaxNG schema file> <XML file>".format(sys.argv[0]))
+ sys.exit(1)
+
+schema = sys.argv[1]
+xml_source = sys.argv[2]
+
+xml_tree = ET.parse(xml_source)
+relaxng_xml = ET.parse(schema)
+validator = ET.RelaxNG(relaxng_xml)
+
+if not validator.validate(xml_tree):
+ print(validator.error_log)
+ print("File {0} does not match the schema!".format(xml_source))
+ sys.exit(1) |
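Review bot: The argument check `len(sys.argv) < 2` in verify-schema.py lets a call with only the schema through, and the following lines then fail with an IndexError on `sys.argv[2]` instead of printing the usage text; the guard should be `if len(sys.argv) < 3:`. Both `ET.parse` calls use lxml's default parser; passing an explicit one, `parser = ET.XMLParser(resolve_entities=False, no_network=True)`, keeps entity expansion and external fetches out of a tool that will run over contributed definition files. A schema that fails to compile currently surfaces as a traceback from `ET.RelaxNG`; catching `ET.RelaxNGParseError` and printing the schema path would give a clearer failure.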