oxidized 0.30.1 → 0.31.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 408f73ee50ed7040fab6c0034d197c5755f4d1042e8f9923ab8159fd90d36497
-  data.tar.gz: 747b1a2c42d53a8eb1903b61119f7184b8fe78c2ea240d879523c6d8758cc42a
+  metadata.gz: 59670040bed3f1d863d073d2f87dfaa07f3918eef49c3a0f2bbf44b6b111c3cc
+  data.tar.gz: 7e1c5400732aaf05567e20c635bee4e9bd9d0d4254b1aec78f2cb69fb48c98a2
 SHA512:
-  metadata.gz: 216511de21f3497c2cf36f22b379b3eba411e39e969544e7a6fb0d5ec60e725d2086621f8c803cfef3fb88655fd27d78a1973a2df947712a3ee124f7189c5293
-  data.tar.gz: 567883bf03d9e46c0df4f4fead4e361f7a2b30e648cad01e994da14a705d99cd7e06763de9f8f8aedc87578757df02e2fad9bda343fd08dca22770d3478a4ebb
+  metadata.gz: 60fad3a803759b63ee5519d0abb7f60eedd397eef68fa0728009b41553698b0d6b45dbd1c02de235ca9b929849b63b6caff3e751d5c24cdcf7039f1096b8727c
+  data.tar.gz: ea896202d8ba22fae8f64ba596b48fd31bdca016dee62652a1ca3feb27be0c2d07328472c4f8fa96f3b001ffacdc37078555f0c6439dbe1aca9ce85cc32afe3d

data/.github/workflows/ruby.yml

@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        ruby-version: ['3.0', '3.1', '3.2']
+        ruby-version: ['3.1', '3.2', '3.3']
 
     steps:
     - uses: actions/checkout@v4
@@ -34,7 +34,7 @@ jobs:
       uses: reviewdog/action-rubocop@v2
       with:
         rubocop_version: gemfile
-        rubocop_extensions: rubocop-minitest:gemfile rubocop-rake:gemfile
+        rubocop_extensions: rubocop-minitest:gemfile rubocop-rake:gemfile rubocop-sequel:gemfile
         reporter: github-pr-review
     - name: Run tests
       run: bundle exec rake

data/.github/workflows/stale.yml

@@ -14,6 +14,8 @@ jobs:
     steps:
       - uses: actions/stale@v9
         with:
+          stale-issue-message: 'This issue is stale because it has been open 90 days with no activity.'
+          stale-pr-message: 'This PR is stale because it has been open 90 days with no activity.'
           operations-per-run: 500
-          days-before-issue-stale: 90
-          days-before-close: 30
+          days-before-stale: 90
+          days-before-close: -1

data/.rubocop.yml

@@ -3,7 +3,7 @@ inherit_from: .rubocop_todo.yml
 # Do not attempt to police vendored code
 AllCops:
   NewCops: enable
-  TargetRubyVersion: 3.0
+  TargetRubyVersion: 3.1
   Exclude:
     - 'vendor/**/*'
 
@@ -19,8 +19,12 @@ Style/FrozenStringLiteralComment:
 Layout/LineLength:
   Enabled: false
 
+# We do not enforce the cop in the models as it would not work with the
+# DSL style of the models
 Lint/AmbiguousRegexpLiteral:
-  Enabled: false
+  Enabled: true
+  Exclude:
+   - lib/oxidized/model/*.rb
 
 Lint/RaiseException:
   Enabled: true
@@ -52,12 +56,19 @@ Style/FormatStringToken:
 Style/HashEachMethods:
   Enabled: true
 
+Style/HashSyntax:
+  EnforcedShorthandSyntax: either
+
 Style/HashTransformKeys:
   Enabled: true
 
 Style/HashTransformValues:
   Enabled: true
 
+Style/RegexpLiteral:
+  EnforcedStyle: slashes
+  AllowInnerSlashes: true
+
 Style/RescueModifier:
   Enabled: false
 
@@ -82,8 +93,12 @@ Metrics/ClassLength:
 ## Metrics/CyclomaticComplexity:
 ##   Max: 7
 
+# The BlockLength metric does not apply to unit tests. They are in nature
+# long and not very pretty
 Metrics/BlockLength:
   Max: 150
+  Exclude:
+   - spec/**/*_spec.rb
 
 Metrics/ParameterLists:
   Max: 6
@@ -94,3 +109,4 @@ Lint/EmptyBlock:
 require:
   - rubocop-rake
   - rubocop-minitest
+  - rubocop-sequel

data/.rubocop_todo.yml

@@ -1,22 +1,22 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2024-02-27 14:27:59 UTC using RuboCop version 1.60.2.
+# on 2024-10-15 06:30:40 UTC using RuboCop version 1.66.1.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 27
+# Offense count: 29
 # Configuration parameters: AllowedMethods, AllowedPatterns, CountRepeatedAttributes, Max.
 Metrics/AbcSize:
   Enabled: false
 
-# Offense count: 17
+# Offense count: 18
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/CyclomaticComplexity:
   Max: 12
 
-# Offense count: 14
+# Offense count: 15
 # Configuration parameters: AllowedMethods, AllowedPatterns.
 Metrics/PerceivedComplexity:
   Max: 12
@@ -72,19 +72,12 @@ Style/OpenStructUse:
     - 'lib/oxidized/node.rb'
     - 'spec/hook/githubrepo_spec.rb'
 
-# Offense count: 47
-# This cop supports safe autocorrection (--autocorrect).
-# Configuration parameters: EnforcedStyle, AllowInnerSlashes.
-# SupportedStyles: slashes, percent_r, mixed
-Style/RegexpLiteral:
-  Enabled: false
-
 # Offense count: 31
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false
 
-# Offense count: 83
+# Offense count: 85
 # This cop supports unsafe autocorrection (--autocorrect-all).
 # Configuration parameters: Mode.
 Style/StringConcatenation:

data/CHANGELOG.md

@@ -4,6 +4,67 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [0.31.0 – 2024-11-29]
+
+### Added
+- model for Riverbed Steelhead (@Swaeltjie)
+- model for uplink EP4440-DP OLT (@AAm-kun)
+- model for Siklu Multihaul TG radios (@bdg-robert)
+- model for VMWare NSX DFW (@elmobp)
+- model for F5OS (@teunvink)
+- cumulus: Add possibility to use NVUE (@lagertonne)
+- model for garderos (@robertcheramy)
+- unit tests framework for models with ssh input (@robertcheramy)
+- os6: Added support to Dell EMC Networking OS6 (@anubisg1)
+- model for HPE Aruba Networking Instant Mode (Aruba Instant). Fixes #3057 (@robertcheramy)
+- Add JSONFILE source (@sargon)
+
+### Changed
+- h3c: change prompt to expect either angle (user-view) or square (system-view) brackets (@nl987)
+- xos: Hide radius and user secrets for XOS (@iriseden)
+- eos: Hide radius and snmp secrets for Arista EOS (@iriseden)
+- fortios: Hide date in acme certifcate comments (@systeembeheerder)
+- dlink: added support for 'enable admin' before getting configuration, if enable=true (@as8net)
+- dlinknextgen: strip uptime and ntp update time from config
+- Updated slackdiff.rb to use slack_ruby_client instead of slack-api (@Punicaa)
+- oxidized: options (such as credentials, etc.) now use the same resolution logic as variables and can also be defined per model in a group (@EinGlasVollKakao)
+- saos: add inventory and software status collection (@grbeneke)
+- container-image: update to phusion/baseimage:noble-1.0.0 and include security upgrades at build time (@robertcheramy)
+- container-image: use ubuntu-packages instead of gems in order to reduce container image size (@robertcheramy)
+- edgecos.rb: hide temperature and fan speed (@dhooper6430)
+- cnos: show information before config, remove secrets only when told to do so (@robje)
+- Updated slackdiff.rb to use new files.getUploadURLExternal slack file upload API instead of deprecated files.upload (@varesa)
+- Updated source/output files to reference a Source/Output module to avoid namespace duplication (@laf, @robertcheramy)
+- ios: Hide WLAN PSK, AP profile dot1x password, AP profile mgmtuser password/secret and radius COA server-key (@devon-mar)
+- ios: remove values from custom SNMP OID's, set by an EEM script (@syn-bit)
+- Update net-ssh to 7.3 to enable support for aes(128|256)gcm. Fixes #3168 (@jacobw)
+- removed time command from uplink EP4440-DP OLT model
+- fortios: variable `fullconfig` to get the configuration with default values. Fixes: #3159 (@robertcheramy)
+- container-image: install x25519 gem package to support more ssh kex. Fixes #3070 (@benasse)
+- lenovonos: Salt administrator-password line when remove_unstable_lines is set to True (@kani999)
+- lenovonos: Removes lines that started with Fan because RPM always changes. (@kani999)
+
+### Fixed
+- fixed error for ibos when remove_secret is set (@dminuoso)
+- fixed prompt for Watchguard FirewareOS not matching the regex when the node is managed and master (@benasse)
+- fixed prompt for vyos/vyatta to allow logins with non-priviliged accounts. Fixes #3111 (@h-lopez)
+- fixed power consumption included in ArubaOS-CX diffs starting with FL.10.13.xxx. Fixes #3142 (@terratalpi)
+- fixed oxidized-web getting "version not found" when fetching a version from git and no group is defined. Fixes #2222 (@robertcheramy)
+- fixed telnet to disconnect gracefully even if it throws IOError while disconnect. Fixes #3212 (@ytti)
+- docs: run git garbage collection to address performance issues. Fixes #3121 (@robertcheramy)
+- saos: fixed handling of 'unsaved configuration' indicator in prompt (@grbeneke)
+- rgos: also strip "System uptime" for installed modules (@spike77453)
+- fixed digest authentication when using http input (@spike77453)
+- fixed aosw prompt; now working with ArubaOS 8 (@mabezi, @robertcheramy)
+- routeros: fix system info for CHR. Fixes #3180 (@systeembeheerder)
+- removed hardcoded '~/.config/oxidized/config'. Fixes #3229 (@robertcheramy)
+- linuxgeneric: updated prompt to support '$' at the end (@robertcheramy)
+- hook githubrepo: add a specific warning when rugged not installed with ssh support. Fixes #3211 (@robertcheramy)
+- hook githubrepo: works with custom branch names (@robertcheramy)
+- ios: removes secrets when config has multiple snmp-server host lines. Fixes #3239 (@robertcheramy)
+- ios: fixed device specs on ASR900 Series. Fixes #3297 (@robertcheramy, @roshnaraman)
+- netgear: prompt for gs752tpp. Fixes #3287 (@robertcheramy)
+- aoscx: fixed regex for 6400 switches to hide temperature and power (@steveneppler)
 
 ## [0.30.1 – 2024-04-12]
 
@@ -13,7 +74,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 ### Fixed
 - The version string was not set correctly (@robertcheramy)
 
-
 ## [0.30.0 – 2024-04-11]
 
 ### Added

data/CONTRIBUTING.md

@@ -6,6 +6,9 @@ A great place for users to get involved is the [GitHub issues](https://github.co
 Through the issues, you can interact with maintainers and other users. You can open an issue
 if you need help, but you can also help other users by reviewing their issues and commenting on them.
 
+Before writing an issue, please read our documentation on
+[how to write good issues](/docs/Issues.md).
+
 > ## Legal Notice
 > When submitting content to this project, you must agree that you have authored 100%
 > of the content, that you have the necessary rights to the content and that the
@@ -119,6 +122,8 @@ bundle config set --local path 'vendor/bundle'
 bundle install
 ```
 
+Note: if you need to install rugged with ssh support, you can tell bundler so with `bundle config build.rugged --with-ssh`. Reinstall rugged with `bundle pristine rugged`
+
 ### Run your code
 ```bash
 bundle exec bin/oxidized

data/Dockerfile

@@ -1,39 +1,45 @@
-# Single-stage build of an oxidized container from phusion/baseimage-docker jammy-1.0.1, derived from Ubuntu 22.04 (Jammy Jellyfish)
-FROM docker.io/phusion/baseimage:jammy-1.0.1
+###################
+# Stage 1: Prebuild to save space in the final image.
 
-# set up dependencies for the build process
-RUN apt-get -yq update \
-    && apt-get -yq --no-install-recommends install ruby3.0 ruby3.0-dev libssl3 bzip2 libssl-dev pkg-config make cmake libssh2-1 libssh2-1-dev git git-email libmailtools-perl g++ libffi-dev ruby-bundler libicu70 libicu-dev libsqlite3-0 libsqlite3-dev libmysqlclient21 libmysqlclient-dev libpq5 libpq-dev zlib1g-dev msmtp \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
+FROM docker.io/phusion/baseimage:noble-1.0.0 AS prebuilder
 
-# dependencies for hooks
-RUN gem install --no-document aws-sdk slack-ruby-client xmpp4r cisco_spark
+# install necessary packages for building gems
+RUN apt-get update && apt-get install -y \
+    build-essential \
+    git \
+    ruby-dev \
+    && rm -rf /var/lib/apt/lists/*
 
-# dependencies for sources
-RUN gem install --no-document gpgme sequel sqlite3 mysql2 pg
+# create bundle directory
+RUN mkdir -p /usr/local/bundle
+ENV GEM_HOME=/usr/local/bundle
 
-# dependencies for inputs
-RUN gem install --no-document net-tftp net-http-persistent mechanize
+###################
+# Install the x25519 gem
+RUN gem install x25519 --no-document
 
-# build and install oxidized
+###################
+# build oxidized
 COPY . /tmp/oxidized/
 WORKDIR /tmp/oxidized
 
 # docker automated build gets shallow copy, but non-shallow copy cannot be unshallowed
 RUN git fetch --unshallow || true
 
+# Remove any older gems of oxidized if they exist
+RUN rm pkg/* || true
+
 # Ensure rugged is built with ssh support
-RUN CMAKE_FLAGS='-DUSE_SSH=ON' rake install
+RUN rake build
 
-# web interface
-RUN gem install oxidized-web --no-document
 
-# clean up
-WORKDIR /
-RUN rm -rf /tmp/oxidized
-RUN apt-get -yq --purge autoremove ruby-dev pkg-config make cmake ruby-bundler libssl-dev libssh2-1-dev libicu-dev libsqlite3-dev libmysqlclient-dev libpq-dev zlib1g-dev
+###################
+# Stage2: build an oxidized container from phusion/baseimage-docker and install x25519 from stage1
+FROM docker.io/phusion/baseimage:noble-1.0.0
 
+ENV DEBIAN_FRONTEND=noninteractive
+
+##### Place "static" commands at the beginning to optimize image size and build speed
 # add non-privileged user
 ARG UID=30000
 ARG GID=$UID
@@ -55,4 +61,59 @@ COPY extra/oxidized.runit /etc/service/oxidized/run
 COPY extra/auto-reload-config.runit /etc/service/auto-reload-config/run
 COPY extra/update-ca-certificates.runit /etc/service/update-ca-certificates/run
 
+# set up dependencies for the build process
+RUN apt-get -yq update \
+    && apt-get -yq upgrade \
+    && apt-get -yq --no-install-recommends install ruby \
+    # Build process of oxidized from git (beloww)
+    git \
+    # Allow git send-email from docker image
+    git-email libmailtools-perl \
+    # Allow sending emails in the docker container
+    msmtp \
+    # Debuging tools inside the container
+    inetutils-telnet \
+    # Use ubuntu gems where possible
+    # Gems needed by oxidized
+    ruby-rugged ruby-slop ruby-psych \
+    ruby-net-telnet ruby-net-ssh ruby-net-ftp ruby-net-scp ruby-ed25519 \
+    # Gem dependencies for inputs
+    ruby-net-http-persistent ruby-mechanize \
+    # Gem dependencies for sources
+    ruby-sqlite3 ruby-mysql2 ruby-pg ruby-sequel ruby-gpgme\
+    # Gem dependencies for hooks
+    ruby-aws-sdk ruby-xmpp4r \
+    # Gems needed by oxidized-web
+    ruby-charlock-holmes ruby-haml ruby-htmlentities ruby-json \
+    puma ruby-sinatra ruby-sinatra-contrib \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/*
+
+# copy the compiled gem from the builder stage
+COPY --from=prebuilder /usr/local/bundle /usr/local/bundle
+
+# Set environment variables for bundler
+ENV GEM_HOME="/usr/local/bundle"
+ENV PATH="$GEM_HOME/bin:$PATH"
+
+# gems not available in ubuntu noble
+RUN gem install --no-document \
+    # dependencies for hooks
+    slack-ruby-client cisco_spark \
+    # dependencies for specific inputs
+    net-tftp
+
+# install oxidized from prebuilder
+# The Dockerfile ist version-independent, so use oxidized-*.gem to cach the gem
+RUN mkdir -p /tmp/oxidized
+COPY --from=prebuilder /tmp/oxidized/pkg/oxidized-*.gem /tmp/oxidized/
+RUN gem install /tmp/oxidized/oxidized-*.gem
+
+# install oxidized-web
+RUN gem install oxidized-web --no-document
+
+# clean up
+WORKDIR /
+RUN rm -rf /tmp/oxidized
+
 EXPOSE 8888/tcp

data/README.md

@@ -101,23 +101,7 @@ gem install oxidized-script oxidized-web # If you don't install oxidized-web, en
 
 ### CentOS, Oracle Linux, Red Hat Linux
 
-On CentOS 6 and 7 / RHEL 6 and 7, begin by installing Ruby 2.3 or greater. This can be accomplished in one of several ways:
-
-Install Ruby 2.3 from [SCL](https://www.softwarecollections.org/en/scls/rhscl/rh-ruby23/):
-
-```shell
-yum install centos-release-scl
-yum install rh-ruby30 rh-ruby30-ruby-devel
-scl enable rh-ruby30 bash
-```
-
-The following additional packages will be required to build the dependencies:
-
-```shell
-yum install make cmake which sqlite-devel openssl-devel libssh2-devel ruby gcc ruby-devel libicu-devel gcc-c++
-```
-
-Alternatively, install Ruby 2.6 via RVM by following the instructions:
+On CentOS 6 and 7 / RHEL 6 and 7, begin by installing Ruby 3.1 via RVM by following the instructions:
 
 Make sure you dont have any leftover ruby:
 ```yum erase ruby```
@@ -129,8 +113,8 @@ sudo gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A17031138
 curl -sSL https://get.rvm.io | bash -s stable
 source /etc/profile.d/rvm.sh
 rvm requirements run
-rvm install 3.0
-rvm use 3.0
+rvm install 3.1
+rvm use 3.1
 ```
 
 Install oxidized requirements:
@@ -200,7 +184,7 @@ Run the container for the first time to initialize the config:
 _Note: this step in only required for creating the Oxidized configuration file and can be skipped if you already have one._
 
 ```shell
-docker run --rm -v /etc/oxidized:/home/oxidized/.config/oxidized -p 8888:8888/tcp -t oxidized/oxidized:latest oxidized
+docker run --rm -v /etc/oxidized:/home/oxidized/.config/oxidized -p 8888:8888/tcp --user oxidized -t oxidized/oxidized:latest oxidized
 ```
 
 If the RESTful API and Web Interface are enabled, on the docker host running the container
@@ -295,7 +279,7 @@ It is recommended practice to run Oxidized using its own username.  This usernam
 useradd -s /bin/bash -m oxidized
 ```
 
-> It is recommended __not__ to run Oxidized as root.
+> It is recommended __not__ to run Oxidized as root. After creating a dedicated user, switch to the oxidized user using su oxidized to ensure that Oxidized is run under the correct user context.
 
 To initialize a default configuration in your home directory `~/.config/oxidized/config`, simply run `oxidized` once. If you don't further configure anything from the output and source sections, it'll extend the examples on a subsequent `oxidized` execution. This is useful to see what options for a specific source or output backend are available.
 

data/Rakefile

@@ -27,7 +27,8 @@ task :test do
   Rake::TestTask.new do |t|
     t.libs << 'spec'
     t.test_files = FileList['spec/**/*_spec.rb']
-    t.warning = true
+    # Don't display ambiguity warning between regexp and division in models
+    t.warning = false
     t.verbose = true
   end
 end
@@ -75,7 +76,7 @@ task :chmod do
     extra/update-ca-certificates.runit
   ]
   dirs = []
-  %x(git ls-files -z).split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }.each do |file|
+  %x(git ls-files -z).split("\x0").reject { |f| f.match(/^(test|spec|features)\//) }.each do |file|
     dirs.push(File.dirname(file))
     xbit.include?(file) ? File.chmod(0o0755, file) : File.chmod(0o0644, file)
   end

data/docs/Configuration.md

@@ -9,7 +9,7 @@ The following example will log an active ssh/telnet session `/home/oxidized/.con
 ```yaml
 log: /home/oxidized/.config/oxidized/log
 
-...
+# ...
 
 input:
   default: ssh, telnet
@@ -45,7 +45,7 @@ As a partial example from ios.rb:
 ```ruby
   cmd :secret do |cfg|
     cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>'
-    (...)
+    # ...
     cfg
   end
 ```
@@ -98,14 +98,14 @@ vars:
 Per-Node:
 
 ```yaml
-...
+# ...
 map:
   name: 0
   model: 1
 vars_map:
   enable: 2
   ssh_keys: 3
-...
+# ...
 ```
 
 If you are using a non-standard path, especially when copying the private key via a secured channel, make sure that the permissions are set correctly:
@@ -131,7 +131,7 @@ This can be provided on a per-node basis by mapping the proper fields from your
 An example for a `csv` input source that maps the 4th field as the `ssh_proxy` value and the 5th field as `ssh_proxy_port`.
 
 ```yaml
-...
+# ...
 map:
   name: 0
   model: 1
@@ -139,7 +139,7 @@ vars_map:
   enable: 2
   ssh_proxy: 3
   ssh_proxy_port: 4
-...
+# ...
 ```
 
 ## SSH enabling legacy algorithms
@@ -149,7 +149,7 @@ When connecting to older firmware over SSH, it is sometimes necessary to enable
 These settings can be provided on a per-node basis by mapping the ssh_kex, ssh_host_key, ssh_hmac and the ssh_encryption fields from you source.
 
 ```yaml
-...
+# ...
 map:
   name: 0
   model: 1
@@ -159,7 +159,7 @@ vars_map:
   ssh_host_key: 4
   ssh_hmac: 5
   ssh_encryption: 6
-...
+# ...
 ```
 
 ## FTP Passive Mode
@@ -242,13 +242,15 @@ groups:
     password: ubnt
 ```
 
-Model specific variables within groups
+Model specific variables/credentials within groups
 
 ```yaml
 groups:
   foo:
     models:
       arista:
+        username: admin
+        password: password
         vars:
           ssh_keys: "~/.ssh/id_rsa_foo_arista"
       vyatta:
@@ -260,6 +262,8 @@ groups:
         vars:
           ssh_keys: "~/.ssh/id_rsa_bar_routeros"
       vyatta:
+        username: admin
+        password: pass
         vars:
           ssh_keys: "~/.ssh/id_rsa_bar_vyatta"
 ```
@@ -273,16 +277,16 @@ group_map:
   alias3: groupB
   alias4: groupB
   aliasN: groupZ
-  ...
+  # ...
 ```
 
 add group mapping to a source
 
 ```yaml
 source:
-  ...
+  # ...
   <source>:
-    ...
+    # ...
     map:
       model: 0
       name: 1
@@ -311,15 +315,35 @@ models:
     password: pass
 ```
 
+### Options (credentials, vars, etc.) precedence:
+From least to most important:
+- global options
+- model specific options
+- group specific options
+- model specific options in groups
+- options defined on single nodes
+
+More important options overwrite less important ones if they are set.
+
 ## RESTful API and Web Interface
 
 The RESTful API and Web Interface is enabled by configuring the `rest:` parameter in the config file.  This parameter can optionally contain a relative URI.
 
+```yaml
+# Listen on http://[::1]:8888/
+rest: "[::1]:8888"
+```
+
 ```yaml
 # Listen on http://127.0.0.1:8888/
 rest: 127.0.0.1:8888
 ```
 
+```yaml
+# Listen on http://[2001:db8:0:face:b001:0:dead:beaf]:8888/oxidized/
+rest: "[2001:db8:0:face:b001:0:dead:beaf]:8888"
+```
+
 ```yaml
 # Listen on http://10.0.0.1:8000/oxidized/
 rest: 10.0.0.1:8000/oxidized