oxidized 0.19.0 → 0.20.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +17 -0
- data/Dockerfile +17 -2
- data/Gemfile +0 -1
- data/Gemfile.lock +10 -9
- data/README.md +205 -10
- data/extra/auto-reload-config.runit +1 -1
- data/extra/oxidized.init +3 -3
- data/extra/update-ca-certificates.runit +7 -0
- data/lib/oxidized/config.rb +4 -2
- data/lib/oxidized/config/vars.rb +5 -1
- data/lib/oxidized/hook/exec.rb +1 -0
- data/lib/oxidized/hook/slackdiff.rb +34 -0
- data/lib/oxidized/input/ssh.rb +4 -1
- data/lib/oxidized/model/aireos.rb +1 -1
- data/lib/oxidized/model/airos.rb +9 -4
- data/lib/oxidized/model/alvarion.rb +3 -1
- data/lib/oxidized/model/aosw.rb +22 -6
- data/lib/oxidized/model/asa.rb +3 -2
- data/lib/oxidized/model/cisconga.rb +19 -0
- data/lib/oxidized/model/comware.rb +6 -0
- data/lib/oxidized/model/cumulus.rb +15 -3
- data/lib/oxidized/model/fabricos.rb +2 -1
- data/lib/oxidized/model/fiberdriver.rb +4 -0
- data/lib/oxidized/model/firewareos.rb +7 -1
- data/lib/oxidized/model/fortios.rb +15 -4
- data/lib/oxidized/model/ios.rb +83 -8
- data/lib/oxidized/model/ironware.rb +5 -6
- data/lib/oxidized/model/junos.rb +3 -0
- data/lib/oxidized/model/mlnxos.rb +5 -1
- data/lib/oxidized/model/netgear.rb +32 -0
- data/lib/oxidized/model/nxos.rb +14 -1
- data/lib/oxidized/model/oneos.rb +58 -0
- data/lib/oxidized/model/opengear.rb +2 -0
- data/lib/oxidized/model/pfsense.rb +3 -2
- data/lib/oxidized/model/powerconnect.rb +1 -0
- data/lib/oxidized/model/procurve.rb +8 -3
- data/lib/oxidized/model/quantaos.rb +1 -1
- data/lib/oxidized/model/routeros.rb +8 -0
- data/lib/oxidized/model/saos.rb +3 -1
- data/lib/oxidized/model/siklu.rb +19 -0
- data/lib/oxidized/model/timos.rb +16 -0
- data/lib/oxidized/model/tplink.rb +65 -0
- data/lib/oxidized/model/voltaire.rb +56 -0
- data/lib/oxidized/model/voss.rb +33 -0
- data/lib/oxidized/model/zhoneolt.rb +52 -0
- data/lib/oxidized/node.rb +39 -10
- data/lib/oxidized/nodes.rb +2 -1
- data/lib/oxidized/output/gitcrypt.rb +244 -0
- data/lib/oxidized/source/csv.rb +10 -1
- data/lib/oxidized/source/http.rb +24 -7
- data/lib/oxidized/version.rb +1 -1
- data/lib/oxidized/worker.rb +3 -2
- data/oxidized.gemspec +2 -1
- metadata +29 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5aa4c172ab2a33d6e75ee497b106687064f5f9d9
|
4
|
+
data.tar.gz: b0f9cf4fecb5837934a6ecaf622f12d6fc1646e8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 69d6052e266f2726179040a5e3598f107e8a74874c5b80aec3b1755d3da8ab826b4fd6d51d7be51cf833910bf98dc78e6c21a3658188f502a81a5428fcfc7b34
|
7
|
+
data.tar.gz: b828b07fc03b4684680268e8844cacd9b777b78d7889f4cfc05a9b86b32b20f210e0cfd23183fd27394ff5391c37ee659696e1240a43299d4bdfb31776f6d60b
|
data/CHANGELOG.md
CHANGED
@@ -1,3 +1,20 @@
|
|
1
|
+
# 0.20.0
|
2
|
+
- FEATURE: gpg support for CSV source (@elmobp)
|
3
|
+
- FEATURE: slackdiff (@natm)
|
4
|
+
- FEATURE: gitcrypt output model (@clement-parisot)
|
5
|
+
- FEATURE: model specific credentials (@davromaniak)
|
6
|
+
- FEATURE: hierarchical json in http source model
|
7
|
+
- FEATURE: next-adds-job config toggle (to add new job when ever /next is called)
|
8
|
+
- FEATURE: netgear model (@aschaber1)
|
9
|
+
- FEATURE: zhone model (@rfdrake)
|
10
|
+
- FEATURE: tplink model (@mediumo)
|
11
|
+
- FEATURE: oneos model (@crami)
|
12
|
+
- FEATURE: cisco NGA model (@udhos)
|
13
|
+
- FEATURE: voltaire model (@clement-parisot)
|
14
|
+
- FEATURE: siklu model (@bdg-robert)
|
15
|
+
- FEATURE: voss model (@ospfbgp)
|
16
|
+
- BUGFIX: ios, cumulus, ironware, nxos, fiberdiver, aosw, fortios, comware, procurve, opengear, timos, routeros, junos, asa, aireos, mlnxos, pfsense, saos, powerconnect, firewareos, quantaos
|
17
|
+
|
1
18
|
# 0.19.0
|
2
19
|
- FEATURE: allow setting ssh_keys (not relying on openssh config) (@denvera)
|
3
20
|
- FEATURE: fujitsupy model (@stokbaek)
|
data/Dockerfile
CHANGED
@@ -3,9 +3,23 @@ MAINTAINER Samer Abdel-Hafez <sam@arahant.net>
|
|
3
3
|
|
4
4
|
RUN add-apt-repository ppa:brightbox/ruby-ng && \
|
5
5
|
apt-get update && \
|
6
|
-
apt-get install -y ruby2.3 ruby2.3-dev libsqlite3-dev libssl-dev pkg-config make cmake libssh2-1-dev
|
6
|
+
apt-get install -y ruby2.3 ruby2.3-dev libsqlite3-dev libssl-dev pkg-config make cmake libssh2-1-dev git g++
|
7
7
|
|
8
|
-
RUN
|
8
|
+
RUN mkdir -p /tmp/oxidized
|
9
|
+
COPY . /tmp/oxidized/
|
10
|
+
WORKDIR /tmp/oxidized
|
11
|
+
|
12
|
+
RUN gem build oxidized.gemspec
|
13
|
+
RUN gem install oxidized-*.gem
|
14
|
+
|
15
|
+
# web interface
|
16
|
+
RUN gem install oxidized-web --no-ri --no-rdoc
|
17
|
+
|
18
|
+
# dependencies for hooks
|
19
|
+
RUN gem install aws-sdk
|
20
|
+
RUN gem install slack-api
|
21
|
+
|
22
|
+
RUN rm -rf /tmp/oxidized
|
9
23
|
|
10
24
|
RUN apt-get remove -y ruby-dev pkg-config make cmake
|
11
25
|
|
@@ -13,6 +27,7 @@ RUN apt-get -y autoremove
|
|
13
27
|
|
14
28
|
ADD extra/oxidized.runit /etc/service/oxidized/run
|
15
29
|
ADD extra/auto-reload-config.runit /etc/service/auto-reload-config/run
|
30
|
+
ADD extra/update-ca-certificates.runit /etc/service/update-ca-certificates/run
|
16
31
|
|
17
32
|
VOLUME ["/root/.config/oxidized"]
|
18
33
|
EXPOSE 8888/tcp
|
data/Gemfile
CHANGED
data/Gemfile.lock
CHANGED
@@ -1,10 +1,10 @@
|
|
1
1
|
PATH
|
2
2
|
remote: .
|
3
3
|
specs:
|
4
|
-
oxidized (0.
|
4
|
+
oxidized (0.20.0)
|
5
5
|
asetus (~> 0.1)
|
6
6
|
net-ssh (~> 3.0.2)
|
7
|
-
net-telnet
|
7
|
+
net-telnet (~> 0)
|
8
8
|
rugged (~> 0.21, >= 0.21.4)
|
9
9
|
slop (~> 3.5)
|
10
10
|
|
@@ -12,20 +12,20 @@ GEM
|
|
12
12
|
remote: https://rubygems.org/
|
13
13
|
specs:
|
14
14
|
asetus (0.3.0)
|
15
|
-
coderay (1.1.
|
15
|
+
coderay (1.1.1)
|
16
|
+
git (1.3.0)
|
16
17
|
metaclass (0.0.4)
|
17
18
|
method_source (0.8.2)
|
18
|
-
minitest (5.
|
19
|
-
mocha (1.1
|
19
|
+
minitest (5.10.1)
|
20
|
+
mocha (1.2.1)
|
20
21
|
metaclass (~> 0.0.1)
|
21
22
|
net-ssh (3.0.2)
|
22
23
|
net-telnet (0.1.1)
|
23
|
-
pry (0.
|
24
|
+
pry (0.11.0.pre2)
|
24
25
|
coderay (~> 1.1.0)
|
25
26
|
method_source (~> 0.8.1)
|
26
|
-
slop (~> 3.4)
|
27
27
|
rake (10.5.0)
|
28
|
-
rugged (0.
|
28
|
+
rugged (0.25.1.1)
|
29
29
|
slop (3.6.0)
|
30
30
|
|
31
31
|
PLATFORMS
|
@@ -33,6 +33,7 @@ PLATFORMS
|
|
33
33
|
|
34
34
|
DEPENDENCIES
|
35
35
|
bundler (~> 1.10)
|
36
|
+
git (~> 1)
|
36
37
|
minitest (~> 5.8)
|
37
38
|
mocha (~> 1.1)
|
38
39
|
oxidized!
|
@@ -40,4 +41,4 @@ DEPENDENCIES
|
|
40
41
|
rake (~> 10.0)
|
41
42
|
|
42
43
|
BUNDLED WITH
|
43
|
-
1.
|
44
|
+
1.14.6
|
data/README.md
CHANGED
@@ -19,6 +19,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
19
19
|
2. [Installation](#installation)
|
20
20
|
* [Debian](#debian)
|
21
21
|
* [CentOS, Oracle Linux, Red Hat Linux](#centos-oracle-linux-red-hat-linux)
|
22
|
+
* [BSD](#freebsd)
|
22
23
|
3. [Initial Configuration](#configuration)
|
23
24
|
4. [Installing Ruby 2.1.2 using RVM](#installing-ruby-2.1.2-using-rvm)
|
24
25
|
5. [Running with Docker](#running-with-docker)
|
@@ -32,6 +33,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
32
33
|
* [Source: Mysql](#source-mysql)
|
33
34
|
* [Source: HTTP](#source-http)
|
34
35
|
* [Output: GIT](#output-git)
|
36
|
+
* [Output: GIT-Crypt](#output-git-crypt)
|
35
37
|
* [Output: HTTP](#output-http)
|
36
38
|
* [Output: File](#output-file)
|
37
39
|
* [Output types](#output-types)
|
@@ -64,6 +66,8 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
64
66
|
* [C4CMTS](lib/oxidized/model/c4cmts.rb)
|
65
67
|
* Aruba
|
66
68
|
* [AOSW](lib/oxidized/model/aosw.rb)
|
69
|
+
* Avaya
|
70
|
+
* [VOSS](lib/oxidized/model/voss.rb)
|
67
71
|
* Brocade
|
68
72
|
* [FabricOS](lib/oxidized/model/fabricos.rb)
|
69
73
|
* [Ironware](lib/oxidized/model/ironware.rb)
|
@@ -75,13 +79,14 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
75
79
|
* Check Point
|
76
80
|
* [GaiaOS](lib/oxidized/model/gaiaos.rb)
|
77
81
|
* Ciena
|
78
|
-
* [
|
82
|
+
* [SAOS](lib/oxidized/model/saos.rb)
|
79
83
|
* Cisco
|
80
84
|
* [AireOS](lib/oxidized/model/aireos.rb)
|
81
85
|
* [ASA](lib/oxidized/model/asa.rb)
|
82
86
|
* [CatOS](lib/oxidized/model/catos.rb)
|
83
87
|
* [IOS](lib/oxidized/model/ios.rb)
|
84
88
|
* [IOSXR](lib/oxidized/model/iosxr.rb)
|
89
|
+
* [NGA](lib/oxidized/model/cisconga.rb)
|
85
90
|
* [NXOS](lib/oxidized/model/nxos.rb)
|
86
91
|
* [SMB (Nikola series)](lib/oxidized/model/ciscosmb.rb)
|
87
92
|
* Citrix
|
@@ -125,6 +130,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
125
130
|
* [ScreenOS (Netscreen)](lib/oxidized/model/screenos.rb)
|
126
131
|
* Mellanox
|
127
132
|
* [MLNX-OS](lib/oxidized/model/mlnxos.rb)
|
133
|
+
* [Voltaire](lib/oxidized/model/voltaire.rb)
|
128
134
|
* Mikrotik
|
129
135
|
* [RouterOS](lib/oxidized/model/routeros.rb)
|
130
136
|
* Motorola
|
@@ -132,10 +138,14 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
132
138
|
* MRV
|
133
139
|
* [MasterOS](lib/oxidized/model/masteros.rb)
|
134
140
|
* [FiberDriver](lib/oxidized/model/fiberdriver.rb)
|
141
|
+
* Netgear
|
142
|
+
* [Netgear](lib/oxidized/model/netgear.rb)
|
135
143
|
* Netonix
|
136
144
|
* [WISP Switch (As Netonix)](lib/oxidized/model/netonix.rb)
|
137
145
|
* Nokia (formerly TiMetra, Alcatel, Alcatel-Lucent)
|
138
146
|
* [SR OS (TiMOS)](lib/oxidized/model/timos.rb)
|
147
|
+
* OneAccess
|
148
|
+
* [OneOS](lib/oxidized/model/oneos.rb)
|
139
149
|
* Opengear
|
140
150
|
* [Opengear](lib/oxidized/model/opengear.rb)
|
141
151
|
* Palo Alto
|
@@ -144,16 +154,22 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen
|
|
144
154
|
* [pfSense](lib/oxidized/model/pfsense.rb)
|
145
155
|
* Quanta
|
146
156
|
* [Quanta / VxWorks 6.6 (1.1.0.8)](lib/oxidized/model/quantaos.rb)
|
157
|
+
* Siklu
|
158
|
+
* [EtherHaul](lib/oxidized/model/siklu.rb)
|
147
159
|
* Supermicro
|
148
160
|
* [Supermicro](lib/oxidized/model/supermicro.rb)
|
149
161
|
* Trango Systems
|
150
162
|
* [Trango](lib/oxidized/model/trango.rb)
|
163
|
+
* TPLink
|
164
|
+
* [TPLink](lib/oxidized/model/tplink.rb)
|
151
165
|
* Ubiquiti
|
152
166
|
* [AirOS](lib/oxidized/model/airos.rb)
|
153
167
|
* [Edgeos](lib/oxidized/model/edgeos.rb)
|
154
168
|
* [EdgeSwitch](lib/oxidized/model/edgeswitch.rb)
|
155
169
|
* Watchguard
|
156
170
|
* [Fireware OS](lib/oxidized/model/firewareos.rb)
|
171
|
+
* Zhone
|
172
|
+
* [Zhone (OLT and MX)](lib/oxidized/model/zhoneolt.rb)
|
157
173
|
* Zyxel
|
158
174
|
* [ZyNOS](lib/oxidized/model/zynos.rb)
|
159
175
|
|
@@ -186,6 +202,27 @@ gem install oxidized
|
|
186
202
|
gem install oxidized-script oxidized-web
|
187
203
|
```
|
188
204
|
|
205
|
+
## FreeBSD
|
206
|
+
Use RVM to install Ruby v2.1.2
|
207
|
+
|
208
|
+
Install all required packages and gems.
|
209
|
+
|
210
|
+
```shell
|
211
|
+
pkg install cmake pkgconf
|
212
|
+
gem install oxidized
|
213
|
+
gem install oxidized-script oxidized-web
|
214
|
+
```
|
215
|
+
|
216
|
+
|
217
|
+
|
218
|
+
## Build from Git
|
219
|
+
```shell
|
220
|
+
git clone https://github.com/ytti/oxidized.git
|
221
|
+
cd oxidized/
|
222
|
+
gem build *.gemspec
|
223
|
+
gem install pkg/*.gem
|
224
|
+
```
|
225
|
+
|
189
226
|
# Configuration
|
190
227
|
|
191
228
|
Oxidized configuration is in YAML format. Configuration files are subsequently sourced from ```/etc/oxidized/config``` then ```~/.config/oxidized/config```. The hashes will be merged, this might be useful for storing source information in a system wide file and user specific configuration in the home directory (to only include a staff specific username and password). Eg. if many users are using ```oxs```, see [Oxidized::Script](https://github.com/ytti/oxidized-script).
|
@@ -221,7 +258,7 @@ Oxidized supports ```CSV```, ```SQLite``` and ```HTTP``` as source backends. The
|
|
221
258
|
|
222
259
|
## Outputs
|
223
260
|
|
224
|
-
Possible outputs are either ```file``` or ```git```. The file backend takes a destination directory as argument and will keep a file per device, with most recent running version of a device. The GIT backend (recommended) will initialize an empty GIT repository in the specified path and create a new commit on every configuration change. Take a look at the [Cookbook](#cookbook) for more details.
|
261
|
+
Possible outputs are either ```file```, ```git``` or ```git-crypt```. The file backend takes a destination directory as argument and will keep a file per device, with most recent running version of a device. The GIT backend (recommended) will initialize an empty GIT repository in the specified path and create a new commit on every configuration change. The GIT-Crypt backend will also initialize a GIT repository but every configuration push to it will be encrypted on the fly by using ```git-crypt``` tool. Take a look at the [Cookbook](#cookbook) for more details.
|
225
262
|
|
226
263
|
Maps define how to map a model's fields to model [model fields](https://github.com/ytti/oxidized/tree/master/lib/oxidized/model). Most of the settings should be self explanatory, log is ignored if `use_syslog`(requires Ruby >= 2.0) is set to `true`.
|
227
264
|
|
@@ -233,12 +270,15 @@ oxidized
|
|
233
270
|
|
234
271
|
Now tell Oxidized where it finds a list of network devices to backup configuration from. You can either use CSV or SQLite as source. To create a CSV source add the following snippet:
|
235
272
|
|
273
|
+
Note: If gpg is set to anything other than false it will attempt to decrypt the file contents
|
236
274
|
```
|
237
275
|
source:
|
238
276
|
default: csv
|
239
277
|
csv:
|
240
278
|
file: ~/.config/oxidized/router.db
|
241
279
|
delimiter: !ruby/regexp /:/
|
280
|
+
gpg: false
|
281
|
+
gpg_password: 'password'
|
242
282
|
map:
|
243
283
|
name: 0
|
244
284
|
model: 1
|
@@ -344,16 +384,26 @@ If you want to have the config automatically reloaded (e.g. when using a http so
|
|
344
384
|
docker run -v /etc/oxidized:/root/.config/oxidized -p 8888:8888/tcp -e CONFIG_RELOAD_INTERVAL=3600 -t oxidized/oxidized:latest
|
345
385
|
```
|
346
386
|
|
387
|
+
If you need to use an internal CA (e.g. to connect to an private github instance)
|
388
|
+
|
389
|
+
```
|
390
|
+
docker run -v /etc/oxidized:/root/.config/oxidized -v /path/to/MY-CA.crt:/usr/local/share/ca-certificates/MY-CA.crt -p 8888:8888/tcp -e UPDATE_CA_CERTIFICATES=true -t oxidized/oxidized:latest
|
391
|
+
```
|
392
|
+
|
347
393
|
## Cookbook
|
348
394
|
### Debugging
|
349
|
-
In case a model plugin doesn't work correctly (ios, procurve, etc.), you can enable live debugging of SSH/Telnet sessions. Just add a ```debug``` option
|
395
|
+
In case a model plugin doesn't work correctly (ios, procurve, etc.), you can enable live debugging of SSH/Telnet sessions. Just add a ```debug``` option containing the value true to the ```input``` section. The log files will be created depending on the parent directory of the logfile option.
|
350
396
|
|
351
|
-
The following example will log an active ssh session
|
397
|
+
The following example will log an active ssh/telnet session ```/home/oxidized/.config/oxidized/log/<IP-Adress>-<PROTOCOL>```. The file will be truncated on each consecutive ssh/telnet session, so you need to put a ```tailf``` or ```tail -f``` on that file!
|
352
398
|
|
353
399
|
```
|
400
|
+
log: /home/oxidized/.config/oxidized/log
|
401
|
+
|
402
|
+
...
|
403
|
+
|
354
404
|
input:
|
355
405
|
default: ssh, telnet
|
356
|
-
debug:
|
406
|
+
debug: true
|
357
407
|
ssh:
|
358
408
|
secure: false
|
359
409
|
```
|
@@ -403,7 +453,7 @@ vars:
|
|
403
453
|
|
404
454
|
### Source: CSV
|
405
455
|
|
406
|
-
One line per device, colon seperated.
|
456
|
+
One line per device, colon seperated. If `ip` isn't present, a DNS lookup will be done against `name`. For large installations, setting `ip` will dramatically reduce startup time.
|
407
457
|
|
408
458
|
```
|
409
459
|
source:
|
@@ -413,11 +463,12 @@ source:
|
|
413
463
|
delimiter: !ruby/regexp /:/
|
414
464
|
map:
|
415
465
|
name: 0
|
416
|
-
|
417
|
-
|
418
|
-
|
466
|
+
ip: 1
|
467
|
+
model: 2
|
468
|
+
username: 3
|
469
|
+
password: 4
|
419
470
|
vars_map:
|
420
|
-
enable:
|
471
|
+
enable: 5
|
421
472
|
```
|
422
473
|
|
423
474
|
### SSH Proxy Command
|
@@ -581,6 +632,72 @@ output:
|
|
581
632
|
|
582
633
|
```
|
583
634
|
|
635
|
+
### Output: Git-Crypt
|
636
|
+
|
637
|
+
This uses the gem git and system git-crypt interfaces. Have a look at [GIT-Crypt](https://www.agwa.name/projects/git-crypt/) documentation to know how to install it.
|
638
|
+
Additionally to user and email informations, you have to provide the users ID that can be a key ID, a full fingerprint, an email address, or anything else that uniquely identifies a public key to GPG (see "HOW TO SPECIFY A USER ID" in the gpg man page).
|
639
|
+
|
640
|
+
|
641
|
+
For a single repositories for all devices:
|
642
|
+
|
643
|
+
``` yaml
|
644
|
+
output:
|
645
|
+
default: gitcrypt
|
646
|
+
gitcrypt:
|
647
|
+
user: Oxidized
|
648
|
+
email: o@example.com
|
649
|
+
repo: "/var/lib/oxidized/devices"
|
650
|
+
users:
|
651
|
+
- "0x0123456789ABCDEF"
|
652
|
+
- "<user@example.com>"
|
653
|
+
```
|
654
|
+
|
655
|
+
And for groups repositories:
|
656
|
+
|
657
|
+
``` yaml
|
658
|
+
output:
|
659
|
+
default: gitcrypt
|
660
|
+
gitcrypt:
|
661
|
+
user: Oxidized
|
662
|
+
email: o@example.com
|
663
|
+
repo: "/var/lib/oxidized/git-repos/default"
|
664
|
+
users:
|
665
|
+
- "0xABCDEF0123456789"
|
666
|
+
- "0x0123456789ABCDEF"
|
667
|
+
```
|
668
|
+
|
669
|
+
Oxidized will create a repository for each group in the same directory as the `default`. For
|
670
|
+
example:
|
671
|
+
|
672
|
+
``` csv
|
673
|
+
host1:ios:first
|
674
|
+
host2:nxos:second
|
675
|
+
```
|
676
|
+
|
677
|
+
This will generate the following repositories:
|
678
|
+
|
679
|
+
``` bash
|
680
|
+
$ ls /var/lib/oxidized/git-repos
|
681
|
+
|
682
|
+
default.git first.git second.git
|
683
|
+
```
|
684
|
+
|
685
|
+
If you would like to use groups and a single repository, you can force this with the `single_repo` config.
|
686
|
+
|
687
|
+
``` yaml
|
688
|
+
output:
|
689
|
+
default: gitcrypt
|
690
|
+
gitcrypt:
|
691
|
+
single_repo: true
|
692
|
+
repo: "/var/lib/oxidized/devices"
|
693
|
+
users:
|
694
|
+
- "0xABCDEF0123456789"
|
695
|
+
- "0x0123456789ABCDEF"
|
696
|
+
|
697
|
+
```
|
698
|
+
|
699
|
+
Please note that user list is only updated once at creation.
|
700
|
+
|
584
701
|
### Output: Http
|
585
702
|
|
586
703
|
POST a config to the specified URL
|
@@ -724,6 +841,32 @@ map:
|
|
724
841
|
name: 1
|
725
842
|
group: 2
|
726
843
|
```
|
844
|
+
For model specific credentials
|
845
|
+
|
846
|
+
```
|
847
|
+
models:
|
848
|
+
junos:
|
849
|
+
username: admin
|
850
|
+
password: password
|
851
|
+
ironware:
|
852
|
+
username: admin
|
853
|
+
password: password
|
854
|
+
vars:
|
855
|
+
enable: enablepassword
|
856
|
+
apc_aos:
|
857
|
+
username: apc
|
858
|
+
password: password
|
859
|
+
```
|
860
|
+
|
861
|
+
### Triggered backups
|
862
|
+
|
863
|
+
A node can be moved to head-of-queue via the REST API `GET/POST /node/next/[NODE]`.
|
864
|
+
|
865
|
+
In the default configuration this node will be processed when the next job worker becomes available, it could take some time if existing backups are in progress. To execute moved jobs immediately a new job can be added:
|
866
|
+
|
867
|
+
```
|
868
|
+
next_adds_job: true
|
869
|
+
```
|
727
870
|
|
728
871
|
# Hooks
|
729
872
|
You can define arbitrary number of hooks that subscribe different events. The hook system is modular and different kind of hook types can be enabled.
|
@@ -748,6 +891,7 @@ Command is executed with the following environment:
|
|
748
891
|
```
|
749
892
|
OX_EVENT
|
750
893
|
OX_NODE_NAME
|
894
|
+
OX_NODE_IP
|
751
895
|
OX_NODE_FROM
|
752
896
|
OX_NODE_MSG
|
753
897
|
OX_NODE_GROUP
|
@@ -844,6 +988,57 @@ AWS SNS hook requires the following configuration keys:
|
|
844
988
|
|
845
989
|
Your AWS credentials should be stored in `~/.aws/credentials`.
|
846
990
|
|
991
|
+
## Hook type: slackdiff
|
992
|
+
|
993
|
+
The `slackdiff` hook posts colorized config diffs to a [Slack](http://www.slack.com) channel of your choice. It only triggers for `post_store` events.
|
994
|
+
|
995
|
+
You will need to manually install the `slack-api` gem on your system:
|
996
|
+
|
997
|
+
```
|
998
|
+
gem install slack-api
|
999
|
+
```
|
1000
|
+
|
1001
|
+
Configuration example:
|
1002
|
+
|
1003
|
+
``` yaml
|
1004
|
+
hooks:
|
1005
|
+
slack:
|
1006
|
+
type: slackdiff
|
1007
|
+
events: [post_store]
|
1008
|
+
token: SLACK_BOT_TOKEN
|
1009
|
+
channel: "#network-changes"
|
1010
|
+
```
|
1011
|
+
|
1012
|
+
# Extra
|
1013
|
+
|
1014
|
+
## Ubuntu SystemV init setup
|
1015
|
+
|
1016
|
+
The init script assumes that you have a used named 'oxidized' and that oxidized is in one of the following paths:
|
1017
|
+
|
1018
|
+
```
|
1019
|
+
/sbin
|
1020
|
+
/bin
|
1021
|
+
/usr/sbin
|
1022
|
+
/usr/bin
|
1023
|
+
/usr/local/bin
|
1024
|
+
```
|
1025
|
+
|
1026
|
+
1.)Copy init script from extra/ folder to /etc/init.d/oxidized
|
1027
|
+
2.)Setup /var/run/
|
1028
|
+
|
1029
|
+
```
|
1030
|
+
mkdir /var/run/oxidized
|
1031
|
+
chown oxidized:oxidized /var/run/oxidized
|
1032
|
+
```
|
1033
|
+
|
1034
|
+
3.)Make oxidized start on boot
|
1035
|
+
|
1036
|
+
```
|
1037
|
+
update-rc.d oxidized deafults
|
1038
|
+
```
|
1039
|
+
|
1040
|
+
Note the channel name must be in quotes.
|
1041
|
+
|
847
1042
|
# Ruby API
|
848
1043
|
|
849
1044
|
The following objects exist in Oxidized.
|