oxidized 0.35.0 → 0.36.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1c6d2a888514d85b0339a1c7511546258fc9af9665caf0702811d9a7712471c3
-  data.tar.gz: 5c1e9435a1c74249ac5eb13f8a56bc543766dfb51960791293b1c9acdc82a288
+  metadata.gz: f594c7328a0f47ff8623d8a025df44224af1e7addc71c57bd0c37ab2285c4f8f
+  data.tar.gz: 837bb841353c080c93235ca4a46095d42335fa8e05623f3e6f7ef5fc9cc67a44
 SHA512:
-  metadata.gz: 382ebf9e233125c17f8ec5acd1fe426f8ba95d5a88e8d4f2f1ae3aebe3b5749945917f7887898b71de2bdce7851b50e4785f82ee72a0eb952a117746307b9fed
-  data.tar.gz: 5792b01eab4cb6208c4515fcabc891416b9c782b47fe7015220670c25271ab8c9719cbc7174a0605629b6e4373ab37ab46cbc60f19c787bed7d3ebe33af96eff
+  metadata.gz: ce194d0b6353b929bdb14514d835a1500d846c50491d30782d89c1c3ccc2a6e0f0cdc34aa0b9385c8ca2ce82f0c759a917f252076fc8675169d5eb40694bc3dc
+  data.tar.gz: 21c716e53c0e391bfefa617e0a3bc68a23a14a04dce3d508ca82c127f993ea909a27799901d6ad3c3e0bb1625d749bae73882f2c8e2fcb8f0b400aca036df5ab

data/.coderabbit.yaml

@@ -0,0 +1,21 @@
+reviews:
+  auto_review:
+    enabled: false
+    auto_incremental_review: false
+
+  commit_status: false
+  review_status: false
+  high_level_summary: false
+  suggested_labels: false
+  suggested_reviewers: false
+  changed_files_summary: false
+  poem: false
+  sequence_diagrams: false
+  estimate_code_review_effort: false
+  assess_linked_issues: false
+  related_issues: false
+  in_progress_fortune: false
+
+
+chat:
+  auto_reply: false

data/.github/workflows/publishdocker.yml

@@ -27,27 +27,28 @@ jobs:
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: ${{ env.REGISTRY_IMAGE }}
           tags: |
             type=semver,pattern={{version}}
+            type=semver,pattern={{major}}
             type=sha,prefix=master-
           flavor: |
             latest=true
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Build and push by digest
         id: build
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           platforms: ${{ matrix.platform }}
           tags: ${{ env.REGISTRY_IMAGE }}
@@ -65,7 +66,7 @@ jobs:
           touch "${{ runner.temp }}/digests/${digest#sha256:}"
 
       - name: Upload digest
-        uses: actions/upload-artifact@v5
+        uses: actions/upload-artifact@v7
         with:
           name: digests-${{ env.PLATFORM_PAIR }}
           path: ${{ runner.temp }}/digests/*
@@ -78,28 +79,29 @@ jobs:
       - build
     steps:
       - name: Download digests
-        uses: actions/download-artifact@v6
+        uses: actions/download-artifact@v8
         with:
           path: ${{ runner.temp }}/digests
           pattern: digests-*
           merge-multiple: true
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: ${{ env.REGISTRY_IMAGE }}
           tags: |
             type=semver,pattern={{version}}
+            type=semver,pattern={{major}}
             type=sha,prefix=master-
           flavor: |
             latest=true

data/.github/workflows/ruby.yml

@@ -19,14 +19,12 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        ruby-version: ['3.1', '3.2', '3.3', '3.4', 'ruby-head']
+        ruby-version: ['3.0', '3.1', '3.2', '3.3', '3.4', 'ruby-head']
     continue-on-error: ${{ matrix.ruby-version == 'ruby-head' }}
 
     steps:
     - uses: actions/checkout@v6
     - name: Set up Ruby
-    # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby,
-    # change this to (see https://github.com/ruby/setup-ruby#versioning):
       uses: ruby/setup-ruby@v1
       with:
         ruby-version: ${{ matrix.ruby-version }}

data/.rubocop.yml

@@ -1,5 +1,9 @@
 inherit_from: .rubocop_todo.yml
 
+inherit_mode:
+  merge:
+    - Exclude
+
 plugins:
   - rubocop-rake
   - rubocop-minitest
@@ -24,7 +28,6 @@ Style/FrozenStringLiteralComment:
 
 Layout/LineLength:
   Enabled: true
-  IgnoreCopDirectives: false
   Max: 120
   # Too much models have long lines, which is unsafe to reduce without
   # having an existing model unit test.
@@ -66,6 +69,10 @@ Style/ConditionalAssignment:
 Style/FormatString:
   EnforcedStyle: percent
 
+Style/FileOpen:
+  Exclude:
+   - lib/oxidized/input/*.rb
+
 Style/FormatStringToken:
   EnforcedStyle: unannotated
   AllowedMethods: ['metadata']
@@ -82,6 +89,10 @@ Style/HashTransformKeys:
 Style/HashTransformValues:
   Enabled: true
 
+Style/OneClassPerFile:
+  Exclude:
+   - spec/**/*.rb
+
 Style/RegexpLiteral:
   EnforcedStyle: slashes
   AllowInnerSlashes: true
@@ -107,7 +118,7 @@ Metrics/AbcSize:
   Enabled: false
 
 Metrics/ClassLength:
-  Enabled: false
+  Max: 200
 
 Metrics/PerceivedComplexity:
   Enabled: false

data/.rubocop_todo.yml

@@ -1,11 +1,18 @@
 # This configuration was generated by
 # `rubocop --auto-gen-config`
-# on 2025-12-03 13:47:41 UTC using RuboCop version 1.81.7.
+# on 2026-03-31 11:49:52 UTC using RuboCop version 1.86.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
+# Offense count: 2
+# Configuration parameters: CountComments, Max, CountAsOne.
+Metrics/ClassLength:
+  Exclude:
+    - 'lib/oxidized/node.rb'
+    - 'lib/oxidized/output/git.rb'
+
 # Offense count: 1
 Style/ClassVars:
   Exclude:
@@ -19,7 +26,19 @@ Style/DoubleNegation:
   Exclude:
     - 'lib/oxidized/hook/exec.rb'
 
-# Offense count: 33
+# Offense count: 1
+Style/FileOpen:
+  Exclude:
+    - 'extra/syslog.rb'
+
+# Offense count: 2
+# Configuration parameters: AllowedClasses.
+Style/OneClassPerFile:
+  Exclude:
+    - 'lib/oxidized/input/telnet.rb'
+    - 'lib/oxidized/signals.rb'
+
+# Offense count: 32
 # This cop supports unsafe autocorrection (--autocorrect-all).
 Style/SlicingWithRange:
   Enabled: false

data/CHANGELOG.md

@@ -4,13 +4,60 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 
+## [0.36.0 - 2026-03-31]
+### Release Notes
+The fortios model has been split into fortigate and fortios. You need the new fortigate model for FortiGate firewalls. Be sure to check the [Fortinet model notes](docs/Model-Notes/Fortinet.md) before upgrading.
+
+The SCP gem is now an optional dependency as it will rarely be used - you must install it if you need it. It is still included in the docker image.
+
+We may rework models in the future to clean up duplicated code (by using the macros or by inheriting from the Defacto model). To make sure your favorite model doesn’t break, please share [simulation files](/docs/DeviceSimulation.md) via issues or, preferably, pull requests, so we can detect when a change breaks a model.
+
+### Added
+- Support https mode, headers, and ssl verify for HTTP output (@bahirul)
+- String refinements: introduce `keep_lines` and `reject_lines` methods (@robertcheramy)
+- Support for storing configurations only on significant changes (@robertcheramy)
+- Add support for Ivanti Secure Connect ISA models (@candleflip)
+- smartbyte: new model for SmartByte switches (@freddy36)
+- Support multiple input (@robertcheramy)
+- apcaos model with SSH + SCP capabilities, deprecates apc_aos (@robertcheramy)
+- exalink model for specific Cisco ExaLink Fusion (formerly Exablaze) switches (@obol89)
+- source_node_transform hook, allows user to manipulate node data when loading from source (@ytti)
+- docker image: publish major version tag (e.g. `0`) in addition to full semver tag on releases (@infabo)
+- introduce the defacto model and macros for models (@ytti)
+
+### Changed
+- Refactored models: Use `keep_lines` and `reject_lines` in aosw, arubainstant, asa, efos, firelinuxos, fsos, ironware, mlnxos and perle (@robertcheramy)
+- Refactor SSH and SCP into a common class SSHBase. Fixes #3597 (@robertcheramy)
+- Modified models to support store mode on significant changes: ios, fortios, perle, ndms (@robertcheramy, @furriest)
+- fortios: model rewrite and split into fortios and fortigate. Fixes #3680 (@robertcheramy)
+- fortigate: Add PSU & SFP inventory (@robertcheramy)
+- fortigate: move var fortios_autoupdate (deprecated) to fortigate_autoupdate (@robertcheramy)
+- netgear: extended login and pager detection to add support for GS728TPv2 and GS752TPv2 (@weberc)
+- comware: Hide snmp secrets for Comware (@iriseden)
+- Aruba-CX : Hide secrets for Aruba-CX (@iriseden)
+
+### Fixed
+- VyOS: Only remove SNMP community, not route-maps. Fixes #3735 (@systeembeheerder)
+- apc_aos: set comment to "; " to match comments in config.ini (@robertcheramy)
+- h3c: fix overly permissive prompt regexp causing false matches. Fixes #3673 (@robertcheramy)
+- extra/device2yaml.rb: fix \r being removed at end of line (@robertcheramy)
+- perle: remove trailing \r (the device sends \r\r\n) (@robertcheramy)
+- Reintroduce support for Ruby 3.0. Fixes #3688 (@robertcheramy)
+- githubrepo: fix authentication with ssh-agent not working. Fixes #3420 (@robertcheramy)
+- fastiron: adjust prompt to account for stacks, remove time from stack output. Fixes #3106 (@ManoftheSea)
+- interval: fix fetching device configuration at oxidized start when interval is 0. Fixes #3746 (@tgr229)
+- voss: more cleanup of constantly changing values (fan & temp) for at least Extreme Networks 7520-48Y-8C-FabricEngine (8.10.5.0) (@irrwitzer42)
+- truenas: Added retry logic to use sudo for reading/dumping the configuration database if needed. Fixes #3767 (@neilschelly)
+- aoscx: update regex to include 'N/A' in FAN speed parsing (@solrac200, @robertcheramy)
+- nxos: show inventory for older models. Fixes #3779 (@scamp)
+
 ## [0.35.0 - 2025-12-04]
 ### Release Notes
-- VyOS now has it's own Model and should be used for supported VyOS versions instead of the Vyatta Model.
+- VyOS now has it's own model and should be used for supported VyOS versions instead of the Vyatta model.
 - AosCX has been reworked and may break old OS versions. Submit an issue along with a YAML Simulation File if you encounter problems.
 - TiMOS (deprecated model) has been removed. Use SROS.
-- FortiOs will be reworked in Release 0.36 (Issue #3680). Subscribe to the issue if you want to be informed and test the model before the release.
-- Support for Ruby 3.1 will be discontinued in Release 0.36 (Issue #3688) if no one objects.
+- FortiOs will be reworked in release 0.36 (Issue #3680). Subscribe to the issue if you want to be informed and test the model before the release.
+- ~~Support for Ruby 3.1 will be discontinued in release 0.36 (Issue #3688) if no one objects.~~
 
 ### Added
 - Allow setting timeout on per node basis. Closes #3612 (@ytti)

data/README.md

@@ -73,8 +73,7 @@ Check out the [Oxidized TREX 2014 presentation](http://youtu.be/kBQ_CTUuqeU?t=3h
 ## Installation
 
 ### Debian and Ubuntu
-
-Debian "buster" or newer and Ubuntu 17.10 (artful) or newer are recommended. On Ubuntu, begin by enabling the `universe`
+Debian 12 "bookworm" or newer and Ubuntu 22.04 (Jammy Jellyfish) or newer are recommended. On Ubuntu, begin by enabling the `universe`
 repository (required for libssh2-1-dev):
 
 ```shell
@@ -129,7 +128,7 @@ gem install oxidized-script # Script-based input/output extensions
 ```
 
 ### FreeBSD
-These installation instructions have been tested on FreeBSD 14.2, but
+> :warning: These installation instructions have been tested on FreeBSD 14.2, but
 oxidized itself has not been tested on it.
 
 First install ruby and rubyXX-gems (Find out the name of the package with `pkg search gems`):

data/docs/Configuration.md

@@ -82,7 +82,7 @@ a regular expression.
 username: oxidized
 password: S3cr3tx
 model: junos
-interval: 3600 #interval in seconds
+interval: 3600 #interval in seconds, when 0 is configured no fetch config is done at initial start and after
 log: ~/.config/oxidized/log
 debug: false
 threads: 30 # maximum number of threads
@@ -548,3 +548,32 @@ end
 ```
 
 Remove a previous metadata by setting it to `nil`.
+
+## Store configuration only on significant changes
+Some devices produce configuration changes even though nothing relevant
+changed. For example, Cisco IOS produces a `Last configuration change at` as
+soon as you exit config mode, and FortiOS encrypts its passwords with a
+different salt on every run.
+
+By setting the [variable](#options-credentials-vars-etc-precedence)
+`output_store_mode` to `on_significant`, you can tell Oxidized only to
+store the configuration when significant changes occurred. The default is to
+always store the configuration.
+```yaml
+vars:
+  output_store_mode: on_significant
+```
+
+For this to work, the model must implement `cmd :significant_changes`:
+```ruby
+  cmd :significant_changes do |cfg|
+    cfg.reject_lines [
+      'Last configuration change at',
+      'NVRAM config last updated at'
+    ]
+  end
+```
+
+Note that store on significant change only applies to the main configuration,
+and will not affect
+[output types](Creating-Models.md#advanced-feature-output-type)

data/docs/Creating-Models.md

@@ -1,10 +1,19 @@
 # Creating and Extending Models
 
-Oxidized supports a growing list of [operating system types](Supported-OS-Types.md). Out of the box, most model implementations collect configuration data. Some implementations also include a conservative set of additional commands that collect basic device information (device make and model, software version, licensing information, ...) which are appended to the configuration as comments.
+Oxidized supports a growing list of
+[operating system types](Supported-OS-Types.md). Out of the box, most model
+implementations collect configuration data. Some implementations also include a
+conservative set of additional commands that collect basic device information
+(device make and model, software version, licensing information, ...) which are
+appended to the configuration as comments.
 
-A user may wish to extend an existing model to collect the output of additional commands. Oxidized offers smart loading of models in order to facilitate this with ease, without the need to introduce changes to the upstream source code.
+A user may wish to extend an existing model to collect the output of additional
+commands. Oxidized offers smart loading of models in order to facilitate this
+with ease, without the need to introduce changes to the upstream source code.
 
-This methodology allows local site changes to be preserved during Oxidized version updates / gem updates. It also enables convenient local development of new models.
+This methodology allows local site changes to be preserved during Oxidized
+version updates / gem updates. It also enables convenient local development
+of new models.
 
 ## Index
 - [Creating a new model](#creating-a-new-model)
@@ -19,14 +28,50 @@ This methodology allows local site changes to be preserved during Oxidized versi
 - [Help](#help)
 
 ## Creating a new model
+### Use the defacto model
+Before you create a new model, check the
+[defacto model](/lib/oxidized/model/defacto.rb). It aims to work with a lot of
+devices copying the defacto standard set by the cisco CLI:
+- login per ssh or telnet
+- disable pager
+- execute `show running-config`
+- run both `exit` and `logout`
+
+If you want to extend the defacto model, you can define your own model file,
+and inherit from `Defacto`:
+```ruby
+require 'oxidized/model/defacto'
+
+class OxiWare < Defacto
+  # Redefine how to process show running-config
+  def process_config(cfg)
+    cfg.gsub(/.*service timestamps.*/, '')
+  end
+
+  # run more commands. They will be run before 'show running-config'
+  cmd "show cdp neighbors" do |cfg|
+    comment cfg
+  end
 
+  # Send "enable" password if defined in vars("enable")
+  macro :enable
+end
+```
+
+If your model doesn't support "show running-config", or if you prefer to avoid
+the dependency of the defacto model, you will need to write a model "from
+scratch" as explained in the next section.
+
+### Create a new model from scratch
 An Oxidized model, at minimum, requires just three elements:
 
 * A model file, this file should be placed in the ~/.config/oxidized/model directory and named after the target OS type.
 * A class defined within this file with the same name as the file itself that inherits from `Oxidized::Model`, the base model class.
 * At least one command that will be executed and the output of which will be collected by Oxidized.
 
-A bare-bone example for a fictional model running the OS type `rootware` could be introduced by creating the file `~/.config/oxidized/model/rootware.rb`, with the following content:
+A bare-bone example for a fictional model running the OS type `rootware` could
+be introduced by creating the file `~/.config/oxidized/model/rootware.rb`, with
+the following content:
 
 ```ruby
 class RootWare < Oxidized::Model
@@ -60,14 +105,84 @@ A more fleshed out example can be found in the `IOS` and `JunOS` models.
 
 ## Typical Tasks and Solutions
 
+### Keep or Remove Lines Returned from a Command
+To make command output cleaner, you can remove unwanted lines or keep only
+specific ones.
+
+Most devices echo the executed command on the first line and display a
+prompt on the last line. To remove these for all commands, use
+[cut_both](Ruby-API.md#cut_both):
+```ruby
+  cmd :all do |cfg|
+    cfg.cut_both
+  end
+```
+
+You can also use the macro `clean :cut`, which does the same:
+```ruby
+  clean :cut
+```
+
+If you want to keep only relevant lines, use
+[keep_lines](Ruby-API.md#keep_lines):
+```ruby
+  cmd 'show interfaces transceiver' do |cfg|
+    cfg = cfg.keep_lines [
+      'SFP Information',
+      /Vendor (Name|Serial Number)/
+    ]
+    comment cfg + "\n"
+  end
+```
+
+If you want to suppress specific lines,
+use [reject_lines](Ruby-API.md#reject_lines):
+```ruby
+  cmd 'show running-config' do |cfg|
+    cfg.reject_lines [
+      'System Up Time',
+      /Current .* Time:/
+    ]
+  end
+```
+
 ### Handling 'enable' mode
-The following code snippet demonstrates how to handle sending the 'enable'
-command and an enable password.
+Some devices need to send an 'enable' command and an enable password.
+
+You can use the `macro :enable` command to implement this:
+```ruby
+class IOS < Oxidized::Model
+  using Refinements
+  # ... Code ...
+  macro :enable
+end
+```
+
+`macro :enable` takes options:
+- `regex`; the regex to match the password prompt (default: `/password/i`)
+- `inputs`: a symbol or a list of symbols for which inputs enable should be activated (default: %i[telnet ssh])
+- `command`: the command needed to access privileged mode (default: `enable`)
+
+If one would want to access a german linux box as root, a minimal model would be:
+```ruby
+class GermanLinux < Oxidized::Model
+  using Refinements
+
+  prompt /^(\w.*|\W.*)[:#$] /
+  comment '# '
 
-This example is taken from the `IOS` model. It covers scenarios where users
-need to enable privileged mode, either without providing a password (by setting
-`enable: true` in the configuration) or with a password.
+  cmd "id"
 
+  cfg :ssh do
+    pre_logout 'exit'
+    pre_logout 'exit'
+  end
+
+  macro :enable, inputs: :ssh, command: "su -", regex: /Passwort: /
+end
+```
+
+The macro (with defaults) implements following code:
 ```ruby
   cfg :telnet, :ssh do
     post_login do
@@ -80,7 +195,7 @@ need to enable privileged mode, either without providing a password (by setting
     end
   end
 ```
-Note: Remove `:telnet, ` if your device does not support telnet.
+
 
 ### Remove ANSI Escape Codes
 Some devices produce [ANSI escape codes](https://en.wikipedia.org/wiki/ANSI_escape_code#Control_Sequence_Introducer_commands)
@@ -110,8 +225,8 @@ You can nest `cmd` inside [`cmd` blocks](Ruby-API.md#cmd), the following example
 is taken from [nxos.rb](/lib/oxidized/model/nxos.rb):
 ```ruby
   cmd 'show inventory all' do |cfg|
-    if cfg.include? "% Invalid parameter detected at '^' marker."
-      # 'show inventory all' isn't supported on older versions (See Issue #3657)
+    if cfg.match? /^% Invalid .* at '\^' marker\./
+      # 'show inventory all' isn't supported on older versions (See Issues #3657, #3779)
       cfg = cmd 'show inventory'
     end
     comment cfg
@@ -209,7 +324,7 @@ A good (and optional) practice for submissions is to provide a
 further developments could break it, and facilitates debugging issues without
 having access to a physical network device for the model.
 
-## Advanced features
+## Advanced feature: output type
 
 The loosely-coupled architecture of Oxidized allows for easy extensibility in more advanced use cases as well.
 

data/docs/Docker.md

@@ -8,7 +8,8 @@ as [oxidized/oxidized](https://hub.docker.com/r/oxidized/oxidized/) with a
 There are three different types of tags:
 - Each commit to the master branch will be published with the tag
   `master-(git sha oid)`
-- Each release will be published with the version as a tag
+- Each release will be published with the full version as a tag (e.g. `0.35.0`)
+- Each release will also be published with the major version as a tag (e.g. `0`)
 - Latest is the latest release, either from a commit or a release tag
 
 Currently, Docker Hub automatically builds the master branch for linux/amd64 and

data/docs/Inputs.md

@@ -177,6 +177,35 @@ input:
     passive: false
 ```
 
+## HTTP
+### Supported HTTP Methods
+
+The HTTP input supports the following HTTP methods:
+- `:get`  - for GET requests
+- `:post` - for POST requests
+
+These methods are used internally by models that require HTTP-based 
+configuration retrieval. Models can use `get_http()` and `post_http()` methods 
+provided by the HTTP input.
+
+Example usage in a model:
+
+```ruby
+cfg :http do
+  post_response = post_http('/some/path', payload, 'Some-Extra-Header' => 'value')
+  get_response  = get_http('/some/path')
+end
+```
+
+HTTP input can be enabled by adding this block to the configuration file:
+
+```yaml
+input:
+  http:
+    scheme: https
+    ssl_verify: true
+    timeout: 30
+```
 
 ## Debugging
 

data/docs/Model-Notes/APC.md

@@ -0,0 +1,72 @@
+# APC Configuration
+The configuration of APC Network Management Cards can be downloaded using FTP
+and SCP. You can retrieve serial numbers and OS version information through
+an SSH connection.
+
+APC OS does not have the ability to display the config.ini within an SSH shell.
+A ticket was opened with APC support to enable "cat config.ini"
+within an SSH shell, but APC declined to implement this feature.
+
+To overcome this limitation, a capability to run against multiple inputs (SSH + SCP)
+has been implemented in Oxidized and in the [model ApcAos](/lib/oxidized/model/apcaos.rb).
+
+The old model apc_aos (SCP/FTP only) is deprecated and will be removed in a
+future release. Migrate to ApcAos.
+
+## How do I activate FTP/SCP input?
+To download the configuration with FTP or SCP, you must activate it
+as an input in the Oxidized configuration. If you don't activate the input,
+Oxidized will fail for the node with an error.
+
+You probably also need to increase the default timeout to something about 60
+seconds, as the APC are really slow, and need about 30 seconds to complete.
+
+The configuration can be done either globally or only for the ApcAos model.
+
+### Global Configuration
+The global configuration would look like this. Note that Oxidized will try every
+input type in the given order until it succeeds, or it will report a failure.
+```yaml
+timeout: 60
+input:
+  default: ssh, ftp, scp
+```
+The order in the configuration is relevant. With this configuration, the ApcAos
+model will run SSH first, then it will try FTP, and if FTP fails SCP.
+
+### Model-Specific Configuration
+
+Configuration for activating only the SCP input for ApcAos only:
+```yaml
+input:
+  default: ssh
+models:
+  apcaos:
+    input: ssh, scp
+    timeout: 60
+```
+
+### Setting Specific Credentials
+You can also set a specific username and password for ApcAos only:
+```yaml
+username: default-user
+password: default-password
+input:
+  default: ssh
+models:
+  ApcAos:
+    username: apc-user
+    password: apc-password
+    input: ssh, scp
+    timeout: 60
+```
+
+## Why do I partially get CR + LF?
+The config.ini file has a DOS-Format (CR + LF), and is saved without
+modifications, so that it can be uploaded to the device.
+
+Outputs from ssh are stored without CR, so the first part of the file is
+without CR and config.ini with CR + LF.
+
+This is expected behavior and should not affect the functionality of the backup
+or restore process.