config: reformat config.xml sample, some additions

src/etc/config.xml.sample

 <?xml version="1.0"?>
 <opnsense>
   <trigger_initial_wizard/>
-	<version>9.9</version>
+  <version>11.2</version>
   <lastchange></lastchange>
   <theme>opnsense</theme>
   <sysctl>
@@ -211,7 +211,7 @@
     </user>
     <nextuid>2000</nextuid>
     <nextgid>2000</nextgid>
-		<timezone>Etc/UTC</timezone>
+    <timezone>Europe/Amsterdam</timezone>
     <time-update-interval>300</time-update-interval>
     <timeservers>0.nl.pool.ntp.org</timeservers>
     <webgui>
@@ -219,7 +219,6 @@
     </webgui>
     <disablenatreflection>yes</disablenatreflection>
     <disableconsolemenu/>
-		<!-- <harddiskstandby></harddiskstandby> -->
     <disablesegmentationoffloading/>
     <disablelargereceiveoffloading/>
     <ipv6allow/>
@@ -230,9 +229,6 @@
       <interval>monthly</interval>
     </bogons>
     <kill_states/>
-		<ssh>
-			<sshdkeyonly/>
-		</ssh>
   </system>
   <interfaces>
     <wan>
@@ -241,7 +237,6 @@
       <mtu></mtu>
       <ipaddr>dhcp</ipaddr>
       <ipaddrv6>dhcp6</ipaddrv6>
-			<!-- *or* ipv4-address *or* 'pppoe' *or* 'pptp' *or* 'bigpond' -->
       <subnet></subnet>
       <gateway></gateway>
       <blockpriv/>
@@ -251,11 +246,6 @@
       <mediaopt></mediaopt>
       <dhcp6-duid></dhcp6-duid>
       <dhcp6-ia-pd-len>0</dhcp6-ia-pd-len>
-			<!--
-			<wireless>
-				*see below (opt[n])*
-			</wireless>
-			-->
     </wan>
     <lan>
       <enable/>
@@ -268,46 +258,8 @@
       <mediaopt></mediaopt>
       <track6-interface>wan</track6-interface>
       <track6-prefix-id>0</track6-prefix-id>
-			<!--
-			<wireless>
-				*see below (opt[n])*
-			</wireless>
-			-->
     </lan>
-		<!--
-		<opt[n]>
-			<enable/>
-			<descr></descr>
-			<if></if>
-			<ipaddr></ipaddr>
-			<subnet></subnet>
-			<media></media>
-			<mediaopt></mediaopt>
-			<bridge>lan|wan|opt[n]</bridge>
-			<wireless>
-				<mode>hostap *or* bss *or* ibss</mode>
-				<ssid></ssid>
-				<channel></channel>
-				<wep>
-					<enable/>
-					<key>
-						<txkey/>
-						<value></value>
-					</key>
-				</wep>
-			</wireless>
-		</opt[n]>
-		-->
   </interfaces>
-	<!--
-	<vlans>
-		<vlan>
-			<tag></tag>
-			<if></if>
-			<descr></descr>
-		</vlan>
-	</vlans>
-	-->
   <staticroutes>
     <!--
     <route>
@@ -402,25 +354,6 @@
     <nologdefaultblock/>
     -->
   </syslog>
-	<!--
-	<captiveportal>
-		<enable/>
-		<interface>lan|opt[n]</interface>
-		<idletimeout>minutes</idletimeout>
-		<timeout>minutes</timeout>
-		<page>
-			<htmltext></htmltext>
-			<errtext></errtext>
-		</page>
-		<httpslogin/>
-		<httpsname></httpsname>
-		<redirurl></redirurl>
-		<radiusip></radiusip>
-		<radiusport></radiusport>
-		<radiuskey></radiuskey>
-		<nomacfilter/>
-	</captiveportal>
-	-->
   <nat>
     <outbound>
       <mode>automatic</mode>

src/etc/inc/config.lib.inc

@@ -37,7 +37,6 @@ require_once("legacy_bindings.inc");
 require_once('upgrade_config.inc');
 require_once("certs.inc");
 
-
 /* make a global alias table (for faster lookups) */
 function alias_make_table($config)
 {
@@ -98,11 +97,19 @@ function parse_config()
  *   null
  ******/
 /* convert configuration, if necessary */
-function convert_config() {
+function convert_config()
+{
 	global $config, $g;
-	$now = date("H:i:s");
-	log_error(sprintf(gettext("Start Configuration upgrade at %s, set execution timeout to 15 minutes"), $now));
-	//ini_set("max_execution_time", "900");
+
+	if (!isset($config['revision'])) {
+		/* force a revision tag for proper handling in config history */
+		write_config('Factory configuration', false);
+	}
+
+	if ($config['version'] == $g['latest_config']) {
+		/* already at latest version */
+		return;
+	}
 
 	/* special case upgrades */
 	/* fix every minute crontab bogons entry */
@@ -118,8 +125,6 @@ function convert_config() {
 			}
 		}
 	}
-	if ($config['version'] == $g['latest_config'])
-		return;		/* already at latest version */
 
 	// Save off config version
 	$prev_version = $config['version'];
@@ -134,11 +139,9 @@ function convert_config() {
 		$config['version'] = sprintf('%.1f', $next / 10);
 	}
 
-	$now = date("H:i:s");
-	log_error(sprintf(gettext("Ended Configuration upgrade at %s"), $now));
-
-	if ($prev_version != $config['version'])
+	if ($prev_version != $config['version']) {
 		write_config(sprintf(gettext('Upgraded config version level from %1$s to %2$s'), $prev_version, $config['version']));
+	}
 }
 
 
@@ -318,7 +321,10 @@ function set_device_perms() {
 }
 
 
-function make_config_revision_entry($desc = null, $override_user = null) {
+function make_config_revision_entry($desc = null, $override_user = null)
+{
+	global $config;
+
 	if (empty($override_user)) {
 		if (empty($_SESSION["Username"])) {
 			$username = getenv("USER");
@@ -330,22 +336,26 @@ function make_config_revision_entry($desc = null, $override_user = null) {
 		if (!empty($_SERVER['REMOTE_ADDR'])) {
 			$username .= '@' . $_SERVER['REMOTE_ADDR'];
 		}
-	}
-	else {
+	} else {
 		$username = $override_user;
 	}
 
 	$revision = array();
 
-	if (time() > mktime(0, 0, 0, 9, 1, 2004))       /* make sure the clock settings are plausible */
+	$revision['username'] = $username;
+
 	$revision['time'] = time();
+	if ($revision['time'] == $config['revision']['time']) {
+		/* avoid conflicting timestamps (a second is long) */
+		$revision['time'] = intval($revision['time']) + 1;
+	}
+
+	if ($desc == null || $desc == 'Unknown') {
+		$revision['description'] = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
+	} else {
+		$revision['description'] = $desc;
+	}
 
-	/* Log the running script so it's not entirely unlogged what changed */
-	if ($desc == "Unknown")
-		$desc = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
-	if (!empty($desc))
-		$revision['description'] = "{$username}: " . $desc;
-	$revision['username'] = $username;
 	return $revision;
 }
 

src/etc/rc.bootup

@@ -162,6 +162,7 @@ if (is_install_media()) {
 echo "Loading configuration...";
 global $config;
 $config = parse_config();
+convert_config();
 echo "done.\n";
 
 /*
@@ -177,11 +178,6 @@ if (is_interface_mismatch()) {
 	led_kitt();
 }
 
-/* convert config and clean backups */
-echo "Updating configuration...";
-convert_config();
-echo "done.\n";
-
 /* read in /etc/sysctl.conf and set values if needed */
 echo "Setting up extended sysctls...";
 system_setup_sysctl();