diff options
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/ddns | 144 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/dropbear | 21 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/firewall | 88 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/fstab | 50 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/httpd | 22 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/luci_splash | 14 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/system | 21 | ||||
-rw-r--r-- | libs/uvl/root/lib/uci/schema/default/upnpd | 25 | ||||
-rwxr-xr-x | libs/uvl/root/usr/bin/uvl | 98 |
9 files changed, 479 insertions, 4 deletions
diff --git a/libs/uvl/root/lib/uci/schema/default/ddns b/libs/uvl/root/lib/uci/schema/default/ddns new file mode 100644 index 000000000..2c7060b8e --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/ddns @@ -0,0 +1,144 @@ +package ddns + +config section + option name 'service' + option title 'DynDNS service entry' + option package 'ddns' + option named true + option required true + +config variable + option name 'enabled' + option title 'Enable this service entry' + option section 'ddns.service' + option datatype 'boolean' + +config variable + option name 'service_name' + option title 'Name of the DynDNS provider' + option section 'ddns.service' + option datatype 'string' + +config variable + option name 'domain' + option title 'Own DynDNS domain' + option section 'ddns.service' + option required true + +config variable + option name 'username' + option title 'Account username' + option section 'ddns.service' + option required true + +config variable + option name 'password' + option title 'Account password' + option section 'ddns.service' + option required true + +config variable + option name 'ip_source' + option title 'Method to determine current IP address' + option section 'ddns.service' + option type 'enum' + option required true + +config enum + option variable 'ddns.service.ip_source' + option value 'network' + option title 'Read ip address from /etc/config/network' + +config enum + option variable 'ddns.service.ip_source' + option value 'interface' + option title 'Determine ip address from given hardware interface' + +config enum + option variable 'ddns.service.ip_source' + option value 'web' + option title 'Determine own IP using a remote web page' + +config variable + option name 'ip_network' + option title 'Configured network to use IP from' + option section 'ddns.service' + option depends 'ip_source=network' + option valueof 'network.interface' + +config variable + option name 'ip_interface' + option title 'Physical network interface to read IP from' + option section 'ddns.service' + option depends 'ip_source=interface' + +config variable + option name 'ip_url' + option title 'Web page used to determine IP address' + option section 'ddns.service' + option depends 'ip_source=web' + +config variable + option name 'update_url' + option title 'URL format to use for updating DNS information (for yet-unknown providers)' + option section 'ddns.service' + +config variable + option name 'check_interval' + option title 'Update check interval' + option section 'ddns.service' + option datatype 'integer' + option required true + +config variable + option name 'check_unit' + option title 'Unit for update check interval' + option section 'ddns.service' + option type 'enum' + option required true + +config enum + option variable 'ddns.service.check_unit' + option value 'seconds' + +config enum + option variable 'ddns.service.check_unit' + option value 'minutes' + +config enum + option variable 'ddns.service.check_unit' + option value 'hours' + +config enum + option variable 'ddns.service.check_unit' + option value 'days' + +config variable + option name 'force_interval' + option title 'Forced update interval' + option section 'ddns.service' + option datatype 'integer' + option required true + +config variable + option name 'force_unit' + option title 'Unit of forced update interval' + option section 'ddns.service' + option type 'enum' + option required true + +config enum + option variable 'ddns.service.force_unit' + option value 'seconds' + +config enum + option variable 'ddns.service.force_unit' + option value 'minutes' + +config enum + option variable 'ddns.service.force_unit' + option value 'hours' + +config enum + option variable 'ddns.service.force_unit' + option value 'days' diff --git a/libs/uvl/root/lib/uci/schema/default/dropbear b/libs/uvl/root/lib/uci/schema/default/dropbear new file mode 100644 index 000000000..66e3c4082 --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/dropbear @@ -0,0 +1,21 @@ +package dropbear + +config section + option name 'dropbear' + option title 'General SSH daemon settings' + option package 'dropbear' + option required true + option unique true + +config variable + option name 'PasswordAuth' + option title 'Permit password authentication' + option section 'dropbear.dropbear' + option datatype 'boolean' + +config variable + option name 'Port' + option title 'Listening port' + option section 'dropbear.dropbear' + option datatype 'integer' + option required true diff --git a/libs/uvl/root/lib/uci/schema/default/firewall b/libs/uvl/root/lib/uci/schema/default/firewall new file mode 100644 index 000000000..494db3fca --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/firewall @@ -0,0 +1,88 @@ +package firewall + +config section + option name 'defaults' + option title 'Global firewall defaults' + option package 'firewall' + option unique true + option required true + +config variable + option name 'forward' + option title 'Action for forwarded traffic' + option section 'firewall.defaults' + option required true + +config variable + option name 'input' + option title 'Action for incoming traffic' + option section 'firewall.defaults' + option required true + +config variable + option name 'output' + option title 'Action for outgoing traffic' + option section 'firewall.defaults' + option required true + +config variable + option name 'syn_flood' + option title 'Enable syn-flood protection' + option section 'firewall.defaults' + option datatype 'boolean' + + +config section + option name 'forwarding' + option title 'Firewall traffic forwarding rules' + option package 'firewall' + +config variable + option name 'src' + option title 'Source zone' + option section 'firewall.forwarding' + option valueof 'firewall.zone.name' + option required true + +config variable + option name 'dest' + option title 'Destination zone' + option section 'firewall.forwarding' + option valueof 'firewall.zone.name' + option required true + + +config section + option name 'zone' + option title 'Firewall zones' + option package 'firewall' + +config variable + option name 'name' + option title 'Name of this firewall zone' + option section 'firewall.zone' + option required true + +config variable + option name 'forward' + option title 'Zone specific action for forwarded traffic' + option section 'firewall.zone' + option required true + +config variable + option name 'input' + option title 'Zone specific action for incoming traffic' + option section 'firewall.zone' + option required true + +config variable + option name 'output' + option title 'Zone specific action for outgoing traffic' + option section 'firewall.zone' + option required true + +config variable + option name 'masq' + option title 'Enable masquerading for outgoing zone traffic' + option section 'firewall.zone' + option datatype 'boolean' diff --git a/libs/uvl/root/lib/uci/schema/default/fstab b/libs/uvl/root/lib/uci/schema/default/fstab new file mode 100644 index 000000000..1ef08f37d --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/fstab @@ -0,0 +1,50 @@ +package fstab + +config section + option name 'mount' + option title 'Filesystem entry' + option package 'fstab' + +config variable + option name 'device' + option title 'Device node' + option section 'fstab.mount' + +config variable + option name 'enabled' + option title 'Enable this mount point' + option section 'fstab.mount' + option datatype 'boolean' + +config variable + option name 'fstype' + option title 'Filesystem type' + option section 'fstab.mount' + +config variable + option name 'options' + option title 'Mount options' + option section 'fstab.mount' + +config variable + option name 'target' + option title 'Mount point' + option section 'fstab.mount' + option datatype 'directory' + + +config section + option name 'swap' + option title 'Swap entry' + option package 'fstab' + +config variable + option name 'device' + option title 'Swap file or Partition' + option section 'fstab.swap' + +config variable + option name 'enabled' + option title 'Enable this swap' + option section 'fstab.swap' + option datatype 'boolean' diff --git a/libs/uvl/root/lib/uci/schema/default/httpd b/libs/uvl/root/lib/uci/schema/default/httpd new file mode 100644 index 000000000..5f8d979a3 --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/httpd @@ -0,0 +1,22 @@ +package httpd + +config section + option name 'httpd' + option title 'General httpd settings' + option package 'httpd' + option unique true + option required true + +config variable + option name 'home' + option title 'Docroot directory' + option section 'httpd.httpd' + option datatype 'directory' + option required true + +config variable + option name 'port' + option title 'Listening port' + option section 'httpd.httpd' + option datatype 'integer' + option required true diff --git a/libs/uvl/root/lib/uci/schema/default/luci_splash b/libs/uvl/root/lib/uci/schema/default/luci_splash new file mode 100644 index 000000000..f3201416a --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/luci_splash @@ -0,0 +1,14 @@ +package luci_splash + +config section + option name 'core' + option title 'Common DHCP splash settings' + option package 'luci_splash' + option unique true + option required true + +config variable + option name 'leasetime' + option title 'Lease time in hours' + option section 'luci_splash.core' + option datatype 'float' diff --git a/libs/uvl/root/lib/uci/schema/default/system b/libs/uvl/root/lib/uci/schema/default/system new file mode 100644 index 000000000..1de2144f1 --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/system @@ -0,0 +1,21 @@ +package system + +config section + option name 'system' + option title 'General system configuration' + option package 'system' + option unique true + option required true + +config variable + option name 'hostname' + option title 'Local hostname' + option section 'system.system' + option datatype 'hostname' + option required true + +config variable + option name 'timezone' + option title 'Option timezone' + option section 'system.system' + option required true diff --git a/libs/uvl/root/lib/uci/schema/default/upnpd b/libs/uvl/root/lib/uci/schema/default/upnpd new file mode 100644 index 000000000..102af4d03 --- /dev/null +++ b/libs/uvl/root/lib/uci/schema/default/upnpd @@ -0,0 +1,25 @@ +package upnpd + +config section + option name 'upnpd' + option title 'Common upnpd settings' + option package 'upnpd' + option unique true + +config variable + option name 'download' + option title 'Download bandwidth in kBit/s' + option section 'upnpd.upnpd' + option datatype 'integer' + +config variable + option name 'upload' + option title 'Upload bandwidth in kBit/s' + option section 'upnpd.upnpd' + option datatype 'integer' + +config variable + option name 'log_output' + option title 'Enable log messages' + option section 'upnpd.upnpd' + option datatype 'boolean' diff --git a/libs/uvl/root/usr/bin/uvl b/libs/uvl/root/usr/bin/uvl index 7dc6a00aa..b859097fa 100755 --- a/libs/uvl/root/usr/bin/uvl +++ b/libs/uvl/root/usr/bin/uvl @@ -57,9 +57,90 @@ function getopt( arg, options ) return tab, args end +function genspec(conf) + require("luci.model.uci") + require("luci.uvl.datatypes") + + local uci = luci.model.uci.cursor() + local ok, err = uci:load(conf) + + if not ok then + print("Can not load config:", err) + os.exit(1) + else + local function _guess_datatype(v) + if type(v) == "table" then v = v[1] end + + for _, type in ipairs({ + "boolean", "integer", "float", "ip4addr", "ip6addr", + "macaddr", "directory", "file" + }) do + if luci.uvl.datatypes[type](v) then + return type + end + end + return "string" + end + + + local co = uci:get_all(conf) + local ct = { } + local ca = { } + local so = { } + local to = { } + + -- count section types + for _, section in pairs(co) do + ct[section['.type']] = ( ct[section['.type']] or 0 ) + 1 + ca[section['.type']] = section['.anonymous'] + so[section['.type']] = so[section['.type']] or { } + to[section['.type']] = to[section['.type']] or { } + + for option, value in pairs(section) do + if option:sub(1,1) ~= "." then + so[section['.type']][option] = _guess_datatype(value) + to[section['.type']][option] = ( type(value) == "table" and "list" or "variable" ) + end + end + end + + -- package name + print( "package %s" % conf ) + + -- write section schemes + for type, count in luci.util.kspairs(ct) do + print( "\nconfig section" ) + print( "\toption name '%s'" % type ) + print( "\toption title 'Section %s'" % type ) + print( "\toption package '%s'"% conf ) + print( "\toption named %s" % ( ca[type] and 'false' or 'true' ) ) + print( "\toption unique %s" % ( ct[type] > 1 and 'false' or ( ca[type] and 'false' or 'true' ) ) ) + print( "\toption dynamic false" ) + print( "\toption required false" ) + + -- write option schemes + for opt, val in luci.util.kspairs(so[type]) do + print( "\nconfig variable" ) + print( "\toption name '%s'" % opt ) + print( "\toption title 'Option %s'" % opt ) + print( "\toption section '%s.%s'" %{ conf, type } ) + print( "\toption datatype '%s'" % so[type][opt] ) + + if to[type][opt] ~= "variable" then + print( "\toption type '%s'" % to[type][opt] ) + end + end + + print("") + end + + end +end + + local options, arguments = getopt( arg ) -if #arguments == 0 or options.help then +if #arguments ~= 2 or options.help then print([=[ uvl - UCI Validation Layer @@ -70,7 +151,7 @@ Usage: uvl --help uvl [--silent] [--schemedir=DIR] [--no-strict-sections] [--no-strict-options] [--no-strict-validators] - [--no-strict-lists] config[.section[.option]] + [--no-strict-lists] {verify|genspec} config[.section[.option]] Options: --help @@ -93,9 +174,16 @@ Options: --no-strict-lists Don't invalidate lists that are stored options. + +Actions: + verify + Validate given configuration, section or option. + + genspec + Generate a scheme skeleton from given configuration. ]=]) os.exit(255) -else +elseif arguments[1] == "verify" then luci.uvl.STRICT_UNKNOWN_SECTIONS = ( options['no-strict-sections'] and false or true ) luci.uvl.STRICT_UNKNOWN_OPTIONS = @@ -109,7 +197,7 @@ else type(options.schemedir) == "string" and options.schemedir or nil ) - local cso = luci.util.split( arguments[1], "." ) + local cso = luci.util.split( arguments[2], "." ) local ok, err = uvl:validate( unpack(cso) ) if ok then @@ -126,4 +214,6 @@ else if not options.silent then print( err and err:string() or "Unknown error" ) end os.exit( 1 ) end +else + genspec( arguments[2] ) end |