Here this is a practical but very naive way to do that. We should be using harmony_config/secret but we have a chicken-and-egg problem where we want to use openbao as the secret store but it needs to be initialized first.
We should have a clean module to handle directories, not hardcode harmony everywhere.
Almost every time we ran this there was a longer delay than the default wait-for timeout (30 or 45 minutes iirc). We should take that into account.
This is a bit too opinionated at this level, we should let the score caller decide if he wants to expose them publicly.
Ideally this would be a specific type for KvmHost with the relevant validation logic and a macro to make it easy to hardcode it type-safely.
Already merged into way too big branch opnsense-codegen and superseeded with more features and tests.
92b46c5c08
fix: haproxy listens on 0.0.0.0 and opens wan in the firewall for okd deployment, also disables http redirect rule for opnsense webgui which stole haproxy traffic
3afaa38ba0
feat: Network stress test utility that will randomly flap switch ports and reboot opnsense firewalls while running iperf and report statistics and events in a simple clean ui