When services offer aliases which are less static, the current json option isn't very practical as we only want the package manager to ship files into these directories.
The new DynamicAliases namespace may contain simple php classes, which return a named set of aliases to merge into the set.
Since all of these classes are created on each alias query, it's highly advisable to keep their implementations as lightweight as possible.
* vpn/wireguard: Introduce latest-handshake-age to calculate if tunnel is online in backend. Implement it in wireguard.js widget and diagnostics.volt
* vpn/wireguard: expose peer-connected via API to approximate state of wireguard peers online/offline status, change status formatter to show statos of interfaces and peers, improve diagnostic grid
* vpn/wireguard: Move epoch calculation from frontend to controller
* vpn/wireguard: Track 3 different status instead of a boolean offline/online. Online means a handshake happened recently, Stale means a handshake happened in the past above a threshold of 300s, Offline means there was never a handshake yet. The same icons are implemented in the widget and the wireguard diagnostics page.
* vpn/wireguard: Remote peer disconnected translation since this is tracked by the icon now. Add stale translation.
* vpn/wireguard: Compact widget information for better readability
This commit changes the default update handling slightly as we need setBaseHook() to do it's work on imports as well so we can't trust $POST to be populated.
As a result, we need to query the node (which has already been set in either our import or addBase, setBase), which only causes some challenges when reading the password.
Passwords are being flushed plaintext to the model, but not returned, so we need to validate isFieldChanged() and check if actual content was offered.
To trigger setBaseHook() from the import hook, we extended the importRecordSet() with another callback called when the node has been populated with data, in which case it's the same as a regular ui update.
Added a config lock early in the importCsv() method to prevent race conditions on updates.
* vpn/wireguard: Integrate layout_partials/base_bootgrid_table and layout_partials/base_apply_button
* vpn/wireguard: Change spot of base_form, add formatter for Instance so that wg0,wg1 etc is displayed again in the grid as before the change
* Fix whitespace
Make sure that 'pluginctl -s xxx stop' isn't used here as it
does not stop a disabled instance. The point is moot for
syslog-ng since you cannot disable it but that only leaves
a tiny amount of daemons that still use it in core (nothing
in plugins uses it).
Also consolidate away from service(8) since we expect and
call the rc.d script directly.
This was steered by the need to let 'other' mode VIPs not cause any
regression with the other logic so now we only have one clear spot and
reload condition and ignore unknown modes gracefully.
delBase() already added a lock, but in practice, when automation is in play, there's a risk for other updates as well, which means we need to synchronize them to avoid data being lost.
* interface: gif.volt - Integrate layout_partials/base_bootgrid_table
* interface: gre.volt - Integrate layout_partials/base_bootgrid_table
* interface: lagg.volt - Integrate layout_partials/base_bootgrid_table
* interface: loopback.volt - Integrate layout_partials/base_bootgrid_table
* interface: neighbor.volt - Integrate layout_partials/base_bootgrid_table
* interface: vip.volt - Integrate layout_partials/base_bootgrid_table
* interface: vlan.volt - Integrate layout_partials/base_bootgrid_table
* interface: vxlan.volt - Integrate layout_partials/base_bootgrid_table
* interface: Change location of Configuration Change Message above Apply
* interface: Fix search base so all grid columns are populated with data
* interface: Integrate layout_partials/base_apply_button https://github.com/opnsense/core/issues/8284
* interface: Missed a spot
* interface: Do not render VHID group password in grid
* interface: vip.volt adjust view more to look like the previous grid
* interface: vip.volt add network formatter, remove vhid formatter since these fields are now displayed by default as separate rows
* interface: loopback.volt add loFormatter to turn device ID into loX in the grid
* interface: vxlan.volt add vxlanFormatter to turn device ID into vxlanX in the grid
chart.js canvas elements default their display to block, which can
cause sub-pixel rounding errors, in turn causing flickering when
the canvas element is interacted with (reproducible on Firefox).
'display: inline-block' fixes this, and while one could specify this
in css, this would have to be combined with !important, as the style
ordering prefers styles either set hardcoded inline or via JS. This
has the obvious downside that a canvas element cannot be hidden anymore,
as it's display setting would always be forced.
The only solution in terms of ordering is to override the inline style
by setting it in the canvas element directly as this commit is doing.
All canvas elements used by widgets which fit the following criteria
must use this inline style:
- a canvas element is used by chart.js
- said canvas lives in a responsive container
- the chart must be resizable in height, which requires the 'canvas-container'
parent element.
We move the gateway recovery into the hook as a user and users
can do their on similar scripts to fetch current status and
inspect and react accordingly. We do so before filter reload
to avoid excessive reloads in the facility script(s).
What this loses is the ability to get the previous argments
for statistics, but OTOH it also reduces the risk for spurious
events as we only trigger on state transitions.
Allow import hooks to be overwritten or manipulated.
No functional changes but it allows to bootstrap a
/conf/config.xml before opnsense-importer (making it
skip import) or modifying the imported /conf/config.xml
afterwards.
I think I could have done this before. We don't need historic artefacts
in a config.xml copy that doesn't do anything with it (nor need it in any
way).
