diff options
| -rw-r--r-- | CHANGELOG.md | 6 | ||||
| -rw-r--r-- | README.md | 32 | ||||
| -rw-r--r-- | extra/oxidized.service | 12 | ||||
| -rw-r--r-- | lib/oxidized/input/ssh.rb | 2 | ||||
| -rw-r--r-- | lib/oxidized/model/ironware.rb | 19 | ||||
| -rw-r--r-- | lib/oxidized/model/panos.rb | 26 | ||||
| -rw-r--r-- | lib/oxidized/model/screenos.rb | 2 | ||||
| -rw-r--r-- | lib/oxidized/output/git.rb | 2 | ||||
| -rw-r--r-- | lib/oxidized/source/http.rb | 54 | ||||
| -rw-r--r-- | lib/oxidized/worker.rb | 4 | ||||
| -rw-r--r-- | oxidized.gemspec | 2 |
11 files changed, 152 insertions, 9 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e0c0a1..296c67d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,9 @@ +# 0.7.0 +- FEATURE: support http source (by @laf) +- FEATURE: support Palo Alto PANOS (by @rixxxx) +- BUGFIX: screenos fixes (by @rixxxx) +- BUGFIX: allow 'none' auth in ssh (spotted by @SaldoorMike, needed by ciscosmb+aireos) + # 0.6.0 - FEATURE: support cumulus linux (by @FlorianDoublet) - FEATURE: support HP Comware SMB siwtches (by @sid3windr) @@ -2,7 +2,7 @@ [](http://badge.fury.io/rb/oxidized) -Oxidized is a network device configuration backup tool. It's a RANCID replacment! +Oxidized is a network device configuration backup tool. It's a RANCID replacement! * automatically adds/removes threads to meet configured retrieval interval * restful API to move node immediately to head-of-queue (GET/POST /node/next/[NODE]) @@ -27,6 +27,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacment * [Privileged mode](#privileged-mode) * [Source: CSV](#source-csv) * [Source: SQLite](#source-sqlite) + * [Source: HTTP](#source-http) * [Output: GIT](#output-git) * [Output: File](#output-file) * [Advanced Configuration](#advanced-configuration) @@ -67,6 +68,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacment * Juniper ScreenOS (Netscreen) * Mikrotik RouterOS * Ubiquiti AirOS + * Palo Alto PAN-OS # Installation @@ -99,7 +101,7 @@ To initialize a default configuration in your home directory ```~/.config/oxidiz ## Source -Oxidized supports ```CSV``` and ```SQLite``` as source backends. The CSV backend reads nodes from a rancid compatible router.db file. The SQLite backend will fire queries against a database and map certain fields to model items. Take a look at the [Cookbook](#cookbook) for more details. +Oxidized supports ```CSV```, ```SQLite``` and ```HTTP``` as source backends. The CSV backend reads nodes from a rancid compatible router.db file. The SQLite backend will fire queries against a database and map certain fields to model items. The HTTP backend will fire queries against a http/https url. Take a look at the [Cookbook](#cookbook) for more details. ## Outputs @@ -113,7 +115,7 @@ mkdir ~/.config/oxidized/configs oxidized ``` -Now tell Oxidized where it finds a list of network devices to backup configuration from. You can either use CSV or SQLite as source. To create a CVS source add the following snippet: +Now tell Oxidized where it finds a list of network devices to backup configuration from. You can either use CSV or SQLite as source. To create a CSV source add the following snippet: ``` source: @@ -220,6 +222,28 @@ source: enable: enable ``` +### Source: HTTP + +One object per device. + +``` +source: + default: http + http: + url: https://url/api + scheme: https + delimiter: !ruby/regexp /:/ + map: + name: hostname + model: os + username: username + password: password + vars_map: + enable: enable + headers: + X-Auth-Token: 'somerandomstring' +``` + ### Output: File Parent directory needs to be created manually, one file per device, with most recent running config. @@ -313,7 +337,7 @@ The following objects exist in Oxidized. * input - method to acquire config, loaded dynamically as needed (Also default in config file) * output - method to store config, loaded dynamically as needed (Also default in config file) * prompt - prompt used for node (Also default in config file, can be specified in model too) - * 'sql' and 'csv' (supports any format with single entry per line, like router.db) + * 'sql', 'csv' and 'http' (supports any format with single entry per line, like router.db) ## Model * lists commands to gather from given device model diff --git a/extra/oxidized.service b/extra/oxidized.service new file mode 100644 index 0000000..65063b7 --- /dev/null +++ b/extra/oxidized.service @@ -0,0 +1,12 @@ +#For debian 8 put it in /lib/systemd/system/ +#and call it with systemctl start oxidized.service + +[Unit] +Description=Oxidized - Network Device Configuration Backup Tool + +[Service] +ExecStart=/usr/local/bin/oxidized +User=root + +[Install] +WantedBy=multi-user.target diff --git a/lib/oxidized/input/ssh.rb b/lib/oxidized/input/ssh.rb index 46f90f9..b1f109b 100644 --- a/lib/oxidized/input/ssh.rb +++ b/lib/oxidized/input/ssh.rb @@ -24,7 +24,7 @@ module Oxidized @ssh = Net::SSH.start @node.ip, @node.auth[:username], :password => @node.auth[:password], :timeout => CFG.timeout, :paranoid => secure, - :auth_methods => %w(publickey password), + :auth_methods => %w(none publickey password keyboard-interactive), :number_of_password_prompts => 0 unless @exec shell_open @ssh diff --git a/lib/oxidized/model/ironware.rb b/lib/oxidized/model/ironware.rb index e18902b..83af5a1 100644 --- a/lib/oxidized/model/ironware.rb +++ b/lib/oxidized/model/ironware.rb @@ -25,13 +25,28 @@ class IronWare < Oxidized::Model end cmd 'show version' do |cfg| - cfg.gsub! /(^((.*)system uptime(.*))$)/, '' #remove unwanted line system uptime + cfg.gsub! /(^((.*)[Ss]ystem uptime(.*))$)/, '' #remove unwanted line system uptime + cfg.gsub! /uptime is .*/,'' + comment cfg end cmd 'show chassis' do |cfg| - cfg.gsub! "\xFF", '' # ugly hack - avoids JSON.dump utf-8 breakage on 1.9.. + cfg.gsub! /\xFF/n, '' # ugly hack - avoids JSON.dump utf-8 breakage on 1.9.. cfg.gsub! /(^((.*)Current temp(.*))$)/, '' #remove unwanted lines current temperature + cfg.gsub! /Speed = [A-Z]{3} \(\d{2}\%\)/, '' #remove unwanted lines Speed Fans + cfg.gsub! /current speed is [A-Z]{3} \(\d{2}\%\)/, '' + cfg.gsub! /Fan controlled temperature: \d{2}\.\d deg-C/, 'Fan controlled temperature: XX.X d deg-C' + if cfg.include? "TEMPERATURE" + sc = StringScanner.new cfg + out = '' + temps = '' + out << sc.scan_until(/.*TEMPERATURE/) + temps << sc.scan_until(/.*Fans/) + out << sc.rest + cfg = out + end + comment cfg end diff --git a/lib/oxidized/model/panos.rb b/lib/oxidized/model/panos.rb new file mode 100644 index 0000000..35624b7 --- /dev/null +++ b/lib/oxidized/model/panos.rb @@ -0,0 +1,26 @@ +class PanOS < Oxidized::Model + + # PaloAlto PAN-OS model # + + comment '! ' + + prompt /^[\w.\@:\(\)-]+>\s?$/ + + cmd :all do |cfg| + cfg.each_line.to_a[2..-3].join + end + + cmd 'show system info' do |cfg| + cfg.gsub! /^(up)?time:\ .*\n/, '' + comment cfg + end + + cmd 'show config running' do |cfg| + cfg + end + + cfg :ssh do + post_login 'set cli pager off' + pre_logout 'exit' + end +end diff --git a/lib/oxidized/model/screenos.rb b/lib/oxidized/model/screenos.rb index c13e64a..7ee9d9f 100644 --- a/lib/oxidized/model/screenos.rb +++ b/lib/oxidized/model/screenos.rb @@ -18,6 +18,8 @@ class ScreenOS < Oxidized::Model end cmd 'get system' do |cfg| + cfg.gsub! /^Date\ .*\n/, '' + cfg.gsub! /^Up\ .*\n/, '' comment cfg end diff --git a/lib/oxidized/output/git.rb b/lib/oxidized/output/git.rb index e9d797a..46e748a 100644 --- a/lib/oxidized/output/git.rb +++ b/lib/oxidized/output/git.rb @@ -179,7 +179,9 @@ class Git < Output :parents => repo.empty? ? [] : [repo.head.target].compact, :update_ref => 'HEAD', ) + index.write + true end end end diff --git a/lib/oxidized/source/http.rb b/lib/oxidized/source/http.rb new file mode 100644 index 0000000..d2e3ea6 --- /dev/null +++ b/lib/oxidized/source/http.rb @@ -0,0 +1,54 @@ +module Oxidized +class HTTP < Source + def initialize + @cfg = CFG.source.http + super + end + + def setup + if @cfg.url.empty? + raise NoConfig, 'no source http url config, edit ~/.config/oxidized/config' + end + end + + require "net/http" + require "uri" + require "json" + + def load + nodes = [] + uri = URI.parse(@cfg.url) + http = Net::HTTP.new(uri.host, uri.port) + http.use_ssl = true if uri.scheme == 'https' + + # map headers + headers = {} + @cfg.headers.each do |header, value| + headers[header] = value + end + + request = Net::HTTP::Get.new(uri.request_uri, headers) + + response = http.request(request) + data = JSON.parse(response.body) + data.each do |line| + next if line.empty? + # map node parameters + keys = {} + @cfg.map.each do |key, position| + keys[key.to_sym] = line[position] + end + keys[:model] = map_model keys[:model] if keys.key? :model + + # map node specific vars, empty value is considered as nil + vars = {} + @cfg.vars_map.each { |key, position| vars[key.to_sym] = line[position].to_s.empty? ? nil : line[position] } + keys[:vars] = vars unless vars.empty? + + nodes << keys + end + nodes + end + +end +end diff --git a/lib/oxidized/worker.rb b/lib/oxidized/worker.rb index 7ed70ac..6bb2a22 100644 --- a/lib/oxidized/worker.rb +++ b/lib/oxidized/worker.rb @@ -37,8 +37,10 @@ module Oxidized msg = "update #{node.name}" msg += " from #{node.from}" if node.from msg += " with message '#{node.msg}'" if node.msg - node.output.new.store node.name, job.config, + if node.output.new.store node.name, job.config, :msg => msg, :user => node.user, :group => node.group + Log.info "Configuration updated for #{node.group}/#{node.name}" + end node.reset else msg = "#{node.name} status #{job.status}" diff --git a/oxidized.gemspec b/oxidized.gemspec index 90b77b0..62c3e73 100644 --- a/oxidized.gemspec +++ b/oxidized.gemspec @@ -1,6 +1,6 @@ Gem::Specification.new do |s| s.name = 'oxidized' - s.version = '0.6.0' + s.version = '0.7.1' s.licenses = %w( Apache-2.0 ) s.platform = Gem::Platform::RUBY s.authors = [ 'Saku Ytti', 'Samer Abdel-Hafez' ] |