Although this might not be the final version, it adds the relevant metadata to the form definitions and offers a very simple template which can be used as a partial().
Example input field:
<field>
<id>sysctl.tunable</id>
<label>Tunable</label>
<type>text</type>
<grid_view>
<sequence>1</sequence>
</grid_view>
</field>
grid_view entries contain a sequence which may overwrite the default order and can overwrite any data-* attribute available, e.g. <sortable>false</sortable> would remove the sortable option from the field.
Perform some small cleanups in ControllerBase and add method to extract grid fields, sample config data:
<field>
<id>sysctl.value</id>
<label>Value</label>
<type>text</type>
<grid_view>
<sequence>2</sequence>
</grid_view>
</field>
Which results in the following output:
(
[sequence] => 2
[visible] => false
[ignore] => false
[sortable] => false
[width] =>
[label] => Value
[id] => sysctl.value
[type] => text
[fieldname] => value
)
* redirect sleep output to avoid it holding the pipe to daemon process open
* add comment explaining the sleep
* use daemon -m0 parameter to prevent restart failures
This was changed from a simple redirect of the sleep command after
discussion with Franco on https://github.com/opnsense/core/pull/8109
Sometimes its practical to be able to reset model settings to their defaults, in which case it makes sense to have a simple handle on the base model to flush all for a specific model.
Although this is a "hammer" (unable to validate referential constraints on its own), there is practical use when trying to reset a component to its factory state.
If useful, we could add a factory reset handle to the ApiMutableModelControllerBase class at some point as well to facility a "flush" in a more generic way.
This change lifts the constraint for matching protocols when the next hop is ipv6 and the route advertised is an ipv4 network.
While here, also cleanup the code a bit for readability and performance reasons.
While here, also offer optional peer tls verification as this is/was disabled by default.
In most cases verification isn't very relevant when using a direct attached neighbor, but if someone has infrastructure in between, extra safeguards are now possible.
With this inplace, allow_url_fopen can safely be disabled on our end (which was the primary goal here).
Since https://github.com/opnsense/core/issues/998 we support our authenticators for all service types, for backward compatibility reasons we kept default unix authentication available, since this is hardly used anymore, after 8 years it's time to deprecate this option.
With the new mvc code inplace, it's also a good idea to loosen the constraints for some accounts. One of the mail advantages is that we can now user email addresses as usernames for most services.
