#!/bin/bash
# VyOS initial configuration script for MCP integration
# This script configures VyOS to enable HTTPS API and basic networking
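set -euo pipefail

# Wait for VyOS system to be ready (fixed delay; nothing is probed).
echo "Waiting for VyOS system to be ready..."
sleep 30

# Source VyOS environment if available
if [ -f /opt/vyatta/etc/functions/script-template ]; then
  # shellcheck source=/dev/null
  source /opt/vyatta/etc/functions/script-template
fi

# --- Tunables ---------------------------------------------------------------
# Each value falls back to what this script originally hard-coded, so a run
# with no environment set produces the same configuration as before.
#
#   VYOS_MCP_API_KEY            HTTPS API key stored under key id "vyos-mcp".
#   VYOS_MCP_CORS_ORIGIN        Value of "service https api cors allow-origin".
#   VYOS_MCP_FW_DEFAULT_ACTION  default-action of firewall ruleset CONTAINER-IN.
readonly MCP_LOG_FILE='/var/log/vyos-mcp.log'
readonly MCP_CFG_WRAPPER='/opt/vyatta/sbin/vyatta-cfg-cmd-wrapper'
readonly MCP_DEFAULT_API_KEY='vyos-mcp-secret-key'

mcp_api_key=${VYOS_MCP_API_KEY:-$MCP_DEFAULT_API_KEY}
mcp_cors_origin=${VYOS_MCP_CORS_ORIGIN:-*}
mcp_fw_default_action=${VYOS_MCP_FW_DEFAULT_ACTION:-accept}

# Print a message to stdout and append it to the log file.
mcp_log() {
  printf '%s\n' "$*" | tee -a "$MCP_LOG_FILE"
}

# Print a warning to stderr and append it to the log file.
mcp_warn() {
  printf 'WARNING: %s\n' "$*" | tee -a "$MCP_LOG_FILE" >&2
}

# Run one configuration-session command through the VyOS wrapper.
mcp_cfg() {
  "$MCP_CFG_WRAPPER" "$@"
}

# Under `set -e` any failing command aborts the script. Without this trap a
# failure between `begin` and `end` would leave the configuration session open.
mcp_session_open=0
mcp_end_session_on_exit() {
  if (( mcp_session_open )); then
    "$MCP_CFG_WRAPPER" end || true
  fi
}
trap mcp_end_session_on_exit EXIT

# Log script execution
mcp_log "$(date): Starting VyOS MCP configuration"

# Surface insecure fallbacks so they are not deployed unnoticed. The key itself
# is never written to the log.
if [[ "$mcp_api_key" == "$MCP_DEFAULT_API_KEY" ]]; then
  mcp_warn "VYOS_MCP_API_KEY not set; using the default API key published in this script. Set a unique secret."
fi
if [[ "$mcp_cors_origin" == '*' ]]; then
  mcp_warn "HTTPS API CORS allow-origin is '*'; set VYOS_MCP_CORS_ORIGIN to the expected client origin."
fi
if [[ "$mcp_fw_default_action" == 'accept' ]]; then
  mcp_warn "Firewall CONTAINER-IN default-action is 'accept'; traffic not matched by rules 10-30 is still allowed."
fi

# Enter configuration mode
mcp_cfg begin
mcp_session_open=1

# Basic system configuration
mcp_log "Configuring basic system settings..."
mcp_cfg set system host-name 'vyos-router'
mcp_cfg set system domain-name 'vyos.local'

# Configure interfaces
mcp_log "Configuring network interfaces..."
mcp_cfg set interfaces ethernet eth0 address '192.168.100.10/24'
mcp_cfg set interfaces ethernet eth0 description 'Container Management Interface'

# Configure SSH service
mcp_log "Configuring SSH service..."
mcp_cfg set service ssh port '22'

# Configure HTTPS API with authentication.
# NOTE: the key is passed as a command-line argument, so it is visible in the
# process list while the wrapper runs and would appear in `set -x` traces.
mcp_log "Configuring HTTPS API..."
mcp_cfg set service https api keys id vyos-mcp key "$mcp_api_key"
mcp_cfg set service https port '443'
mcp_cfg set service https api cors allow-origin "$mcp_cors_origin"

# Configure basic firewall to allow API access.
# With default-action 'accept' the rules below do not restrict anything;
# set VYOS_MCP_FW_DEFAULT_ACTION=drop to make them an allow-list.
mcp_log "Configuring firewall rules..."
mcp_cfg set firewall name CONTAINER-IN default-action "$mcp_fw_default_action"
mcp_cfg set firewall name CONTAINER-IN rule 10 action 'accept'
mcp_cfg set firewall name CONTAINER-IN rule 10 state established 'enable'
mcp_cfg set firewall name CONTAINER-IN rule 10 state related 'enable'

# Allow HTTPS API access (no source restriction: any host that reaches eth0)
mcp_cfg set firewall name CONTAINER-IN rule 20 action 'accept'
mcp_cfg set firewall name CONTAINER-IN rule 20 destination port '443'
mcp_cfg set firewall name CONTAINER-IN rule 20 protocol 'tcp'

# Allow SSH access (no source restriction either)
mcp_cfg set firewall name CONTAINER-IN rule 30 action 'accept'
mcp_cfg set firewall name CONTAINER-IN rule 30 destination port '22'
mcp_cfg set firewall name CONTAINER-IN rule 30 protocol 'tcp'

# Apply firewall to interface
mcp_cfg set interfaces ethernet eth0 firewall in name 'CONTAINER-IN'

# Commit and save configuration
mcp_log "Committing configuration..."
mcp_cfg commit
mcp_log "Saving configuration..."
mcp_cfg save

# End configuration session; clear the flag so the EXIT trap does not end it twice.
mcp_cfg end
mcp_session_open=0

# Log completion
mcp_log "$(date): VyOS MCP configuration completed successfully"

# Display configuration summary (the API key value is deliberately not shown)
mcp_log "=== VyOS Configuration Summary ==="
mcp_log "Hostname: vyos-router"
mcp_log "Management IP: 192.168.100.10/24"
mcp_log "SSH Port: 22"
mcp_log "HTTPS API Port: 443"
mcp_log "API Key ID: vyos-mcp"
mcp_log "================================="
exit 0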