ucentral-schema: add initial version of the reworked data model

Signed-off-by: John Crispin <john@phrozen.org>

.gitignore

@@ -1,2 +1,7 @@
 *.schema
 docs/
+new/ucentral.schema.json
+new/ucentral.schema.pretty.json
+new/docs/
+new/central.schema.json
+new/ucentral.schema.pretty.json

new/config-raw.yml

@@ -0,0 +1,6 @@
+description:
+  This object allows passing raw uci commands, that get applied after all the
+  other configuration was ben generated.
+type: array
+items:
+  type: string

new/definitions.yml

@@ -0,0 +1,11 @@
+description:
+  This section is used to define templates that can be reference by a
+  configuration. This avoids duplication of data. A RADIUS server can be
+  defined here for example and then referenced by several SSIDs.
+type: object
+properties:
+  wireless-encryption:
+    description:
+      A wireless encryption template.
+    type: object
+    $ref: "#/interfaces/ssids/encryption"

new/generate.sh

@@ -0,0 +1,5 @@
+#!/bin/sh
+
+./merge-schema.py
+mkdir -p docs
+generate-schema-doc --config expand_buttons=true ucentral.schema.pretty.json docs/ucentral-schema.html

new/globals.yml

@@ -0,0 +1,17 @@
+description:
+  A device has certain global properties that are used to derive parts of
+  the final configuration that gets applied.
+type: object
+properties:
+  ipv4-network:
+    description:
+      Define the IPv4 range that is delegatable to the downstream interfaces
+      This is described as a CIDR block. (192.168.0.0/16, 172.16.128/17)
+    type: string
+    uc-example: 192.168.0.0/16
+  ipv6-network:
+    description:
+      Define the IPv6 range that is delegatable to the downstream interfaces
+      This is described as a CIDR block. (fdca:1234:4567::/48)
+    type: string
+    uc-example: fdca:1234:4567::/48

new/interfaces.bridge.yml

@@ -0,0 +1,23 @@
+description:
+  This section describes the bridge behaviour of a logical network interface.
+type: object
+properties:
+  mtu:
+    description:
+      The MTU that shall be used by the network interface.
+    type: number
+    maximum: 65535
+    minimum: 256
+    uc-example: 1500
+  tx-queue-len:
+    description:
+      The Transmit Queue Length is a TCP/IP stack network interface value that
+      sets the number of packets allowed per kernel transmit queue of a network
+      interface device.
+    type: number
+    uc-example: 5000
+  isolate-ports:
+    description:
+      Isolates the bridge ports from each other.
+    type: boolean
+    default: false

new/interfaces.ethernet.yml

@@ -0,0 +1,49 @@
+description:
+  This section defines the physical copper/fiber ports that are members of the
+  interface. Network devices are referenced by their logical names.
+type: array
+items:
+  type: object
+  properties:
+    select-ports:
+      description:
+        The list of physical network devices that shall be added to the interface.
+        The names are logical ones and wildcardable. "WAN" will use whatever the
+        hardwares default upstream facing port is. "LANx" will use the "x'th"
+        downstream facing ethernet port. LAN* will use all downstream ports.
+      type: array
+      items:
+        type: string
+      uc-example:
+        - LAN1
+        - LAN2*
+    multicast:
+      description:
+        Enable multicast support.
+      type: boolean
+      default: true
+    learning:
+      description:
+        Controls whether a given port will learn MAC addresses from received
+        traffic or not. If learning if off, the bridge will end up flooding
+        any traffic for which it has no FDB entry. By default this flag is on.
+      type: boolean
+      default: true
+    isolate:
+      description:
+        Only allow communication with non-isolated bridge ports when enabled.
+      type: boolean
+      default: false
+    macaddr:
+      description:
+        Enforce a specific MAC to these ports.
+      type: string
+      maxLength: 17
+      minLength: 17
+      uc-example: true
+    reverse-path-filter:
+      description:
+        Reverse Path filtering is a method used by the Linux Kernel to help
+        prevent attacks used by Spoofing IP Addresses.
+      type: boolean
+      default: false

new/interfaces.ipv4.yml

@@ -0,0 +1,41 @@
+description:
+  This section describes the IPv4 properties of a logical interface.
+type: object
+properties:
+  addressing:
+    description:
+      This option defines the method by which the IPv4 address of the interface
+      is chosen.
+    type: string
+    enum:
+      - dynamic
+      - static
+    uc-example: static
+  subnet:
+    description:
+      This option defines the static IPv4 of the logical interface in CIDR notation.
+      auto/24 can be used, causing the configuration layer to automatically use
+      and address range from globals.ipv4-network.
+    type: string
+    uc-example: auto/24
+  gateway:
+    description:
+      This option defines the static IPv4 gateway of the logical interface.
+    type: string
+    uc-example: 192.168.1.1
+  send-hostname:
+    description:
+      include the devices hostname inside DHCP requests
+    type: boolean
+    default: true
+    uc-example: true
+  use-dns:
+    description:
+      Define which DNS servers shall be used. This can either be a list of
+      static IPv4 addresse or dhcp (use the server provided by the DHCP lease)
+    type: array
+    items:
+      type: string
+    uc-example:
+      - 8.8.8.8
+      - 4.4.4.4

new/interfaces.ssids.captive.yml

@@ -0,0 +1,39 @@
+description:
+  This section can be used to setup a captive portal on the AP.
+type: object
+properties:
+  gateway-name:
+    description:
+      This name will be presented to connecting users in on the splash page.
+    type: string
+    default: uCentral - Captive Portal
+  gateway-fqdn:
+    description:
+      The fqdn used for the captive portal IP.
+    type: string
+    default: ucentral.splash
+  maxclients:
+    description:
+      The maximum number of clients that shall be accept.
+    type: number
+    uc-example: 32
+  upload-rate:
+    description:
+      The maximum upload rate for a specific client.
+    type: number
+    uc-example: 10000
+  download-rate:
+    description:
+      The maximum download rate for a specific client.
+    type: number
+    uc-example: 10000
+  upload-quota:
+    description:
+      The maximum upload quota for a specific client.
+    type: number
+    uc-example: 10000
+  download-quota:
+    description:
+      The maximum download quota for a specific client.
+    type: number
+    uc-example: 10000

new/interfaces.ssids.encryption.yml

@@ -0,0 +1,37 @@
+description:
+  A device has certain properties that describe its identity and location.
+  These properties are described inside this object.
+type: object
+properties:
+  proto:
+    description:
+      The wireless encryption protocol that shall be used for this BSS
+    type: string
+    enum:
+    - none
+    - psk
+    - psk2
+    - psk-mixed
+    - wpa
+    - wpa2
+    - wpa-mixed
+    - sae
+    - sae-mixed
+    - wpa3
+    - wpa3-mixed
+    uc-example: psk2
+  key:
+    description:
+      The Pre Shared Key (PSK) that is used for encryption on the BSS when
+      using any of the WPA-PSK modes.
+    type: string
+    maxLength: 63
+    minLength: 8
+    uc-example: aaaaaaaa
+  80211w:
+    description:
+      Enable 802.11w Management Frame Protection (MFP) for this BSS.
+    type: number
+    maximum: 2
+    minimum: 0
+    uc-example: 2

new/interfaces.ssids.pass-point.yml

@@ -0,0 +1,60 @@
+description:
+  Enable Hotspot 2.0 support.
+type: object
+properties:
+  venue-name:
+    description:
+      This parameter can be used to configure one or more Venue Name Duples
+      for Venue Name ANQP information.
+    type: string
+  venue-group:
+    description:
+      The available values are defined in 802.11u.
+    type: number
+    maximum: 32
+  venue-type:
+    description:
+      The available values are defined in IEEE Std 802.11u-2011, 7.3.1.34
+    type: number
+    maximum: 32
+  venue-url:
+    description:
+      This parameter can be used to configure one or more Venue URL Duples to
+      provide additional information corresponding to Venue Name information.
+    type: string
+  auth-type:
+    description:
+      This parameter indicates what type of network authentication is used in
+      the network.
+    type: string
+    minLength: 2
+    maxLength: 2
+  domain-name:
+    description:
+      The IEEE 802.11u Domain Name.
+    type: string
+  nai-realm:
+    description:
+      NAI Realm information
+    type: string
+  osen:
+    description:
+      OSU Server-Only Authenticated L2 Encryption Network;
+    type: boolean
+  anqp-domain:
+    description:
+      ANQP Domain ID, An identifier for a set of APs in an ESS that share the
+      same common ANQP information.
+    type: number
+    maximum: 65535
+  friendly-name:
+    description:
+      This parameter can be used to configure one or more Operator Friendly
+      Name Duples.
+    type: string
+  icon:
+    description:
+      The operator icons.
+    type: array
+    items:
+      type: string

new/interfaces.ssids.radius.local-users.yml

@@ -0,0 +1,24 @@
+description:
+  Describe the local EAP user/psk/vid triplets.
+type: array
+items:
+  type: object
+  properties:
+    type: array
+    items:
+      type: object
+      properties:
+        mac:
+          type: string
+          maxLength: 17
+          minLength: 17
+          uc-example: 00:11:22:33:44:55
+        key:
+          type: string
+          maxLength: 63
+          minLength: 8
+          uc-example: aaaaaaaa
+        vid:
+          type: number
+          maximum: 4096
+          uc-example: 100

new/interfaces.ssids.radius.server.yml

@@ -0,0 +1,34 @@
+description:
+  Describe the properties of a Radius server.
+type: object
+properties:
+  host:
+    description:
+       The URI of our Radius server.
+    type: string
+    uc-example: 192.168.1.10
+  port:
+    description:
+       The network of our Radius server.
+    type: number
+    maximum: 65535
+    minimum: 1024
+    uc-example: 1812
+  secret:
+    description:
+      The shared Radius authentication secret.
+    type: string
+    uc-example: secret
+  request-attribute:
+    description:
+      The additional Access-Request attributes that gets sent to the server.
+    type: array
+    items:
+      type: string
+    uc-example:
+      - 126:s:Operator
+  request-cui:
+    description:
+      This will enable support for Chargeable-User-Identity (RFC 4372).
+    type: boolean
+    default: false

new/interfaces.ssids.radius.yml

@@ -0,0 +1,19 @@
+description:
+  When using EAP encryption we need to provide the required information
+  allowing us to connect to the AAA servers.
+type: object
+properties:
+  local-users:
+    $ref: "https://ucentral.io/schema/v1/interfaces/ssids/radius/local-users/"
+  authentication:
+    $ref: "https://ucentral.io/schema/v1/interfaces/ssids/radius/server/"
+  accounting:
+    $ref: "https://ucentral.io/schema/v1/interfaces/ssids/radius/server/"
+    properties:
+      interval:
+        description:
+          The interim accounting update interval. This value is defined in seconds.
+        type: number
+        maximum: 600
+        minimum: 60
+        default: 60