Page MenuHomeVyOS Platform
Create Task
Maniphest T2096

Provide "generate" and "show" commands via the http API
Closed, ResolvedPublicFEATURE REQUEST
Actions

Description

I am currently building some python tools, which use the https-API in order to configure a set of VyOS routers.

One of my main goals is to automatically generate a meshed Wireguard network.

In order to fully achieve this, I would need access to the "generate" and "show" commands from op mode.

Such as:

show wireguard keypairs pubkey default

or

generate wireguard default-keypair

I think "generate" is already provided in configsession.py, while "show" probably needs to be implemented. I am not sure, if there should be a more cleaner way.

Details

Difficulty level
Unknown (require assessment)
Version
-
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Feature (new functionality)

Event Timeline

fetzerms created this task.Mar 4 2020, 9:29 AM
fetzerms created this object in space S1 VyOS Public.
fetzerms updated the task description. (Show Details)Mar 4 2020, 9:33 AM
fetzerms added a comment.Mar 4 2020, 10:07 AM

I created a pull request for those features: https://github.com/vyos/vyos-1x/pull/238
It is still work in progress, as I was not able to test it (yet).

pasik added a subscriber: pasik.Mar 4 2020, 4:04 PM
fetzerms added a comment.Mar 5 2020, 2:10 AM

I am not sure, if I should update here or at github. I did some tests and fixes with my PR. Now generate and show seem to work fine.

Request:

curl -X POST -F key=mykey https://myip/generate --insecure -F data='{"cmd": "wireguard preshared-key"}'

Response:

{"success": true, "data": "wybEjELpQ2CQYFRmTEdVc5PAxFgBCNfHJj/aDWf0qg0=\n", "error": null}

Request:

curl -X POST -F key=mykey https://myip/show --insecure -F data='{"cmd": "wireguard keypairs pubkey default"}'

Response:

{"success": true, "data": "<<censored_but_right_key>>\n", "error": null}

As this wrapper passes arbitrary commands to the op_mode_wrapper, I am not sure about the security implications.

fetzerms added a comment.Mar 11 2020, 11:58 AM

The code is now merged. Can somebody update this task?

syncer changed the task status from Open to Backport candidate.Mar 11 2020, 12:08 PM
syncer assigned this task to jestabro.
syncer triaged this task as Normal priority.
syncer added a project: VyOS 1.3 Equuleus.
syncer added a project: VyOS 1.2 Crux (VyOS 1.2.5).
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus board.
syncer moved this task from Finished to Backport Candidates on the VyOS 1.3 Equuleus board.
syncer moved this task from Needs Triage to Backlog on the VyOS 1.2 Crux (VyOS 1.2.5) board.
syncer changed the subtype of this task from "Task" to "Feature Request".Mar 16 2020, 12:29 AM
jestabro edited projects, added VyOS 1.2 Crux (VyOS 1.2.6); removed VyOS 1.2 Crux (VyOS 1.2.5).Mar 19 2020, 3:03 PM
jestabro changed the task status from Backport candidate to In progress.Mar 19 2020, 5:17 PM
jestabro removed a project: VyOS 1.2 Crux (VyOS 1.2.6).

This should be made consistent with other usage: paths should be lists, not strings. I will make the change, and any other details needed for consistency with model.

adestis added a subscriber: adestis.Apr 14 2020, 7:12 AM

@jestabro you removed VyOS 1.2.6 does this mean it will not be included in 1.2.x ?

jestabro added a comment.Apr 14 2020, 12:08 PM

@adestis The status 'Backport Candidate' indicates the intention to include it in 1.2.x; I may have mistakenly removed the specific project (1.2.6) when I changed the status.

jestabro added a comment.Apr 22 2020, 4:00 PM

The form will be made consistent with other commands, using an explicit 'op' (show|generate) and 'path' as list of strings. For example:

curl -k -X POST -F data='{"op": "generate", "path": ["wireguard", "default-keypair"]}' -F key=qwerty https://192.168.100.128/generate

respectively

curl -k -X POST -F data='{"op": "show", "path": ["hardware", "cpu", "summary"]}' -F key=qwerty https://192.168.100.128/show

jestabro closed this task as Resolved.Apr 22 2020, 4:03 PM
c-po moved this task from Backport Candidates to Finished on the VyOS 1.3 Equuleus board.Jun 2 2020, 7:36 PM
erkin set Issue type to Feature (new functionality).Aug 31 2021, 5:26 PM
syncer edited projects, added VyOS 1.3 Equuleus (1.3.0); removed VyOS 1.3 Equuleus.Aug 30 2022, 2:01 PM
syncer moved this task from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0) board.