-rw-r--r-- | CHANGELOG.md | 17 | ||||
-rw-r--r-- | README.md | 50 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/auto-reload-config.runit | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/nagios_check_failing_nodes.rb | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/oxidized-report-git-commits | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/oxidized.init | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/oxidized.init.d | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/oxidized.runit | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | extra/syslog.rb | 0 | ||||
-rw-r--r-- | lib/oxidized/cli.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/config.rb | 1 | ||||
-rw-r--r-- | lib/oxidized/model/acos.rb | 22 | ||||
-rw-r--r-- | lib/oxidized/model/catos.rb | 36 | ||||
-rw-r--r-- | lib/oxidized/model/comware.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/model/iosxr.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/model/ironware.rb | 1 | ||||
-rw-r--r-- | lib/oxidized/model/mlnxos.rb | 43 | ||||
-rw-r--r-- | lib/oxidized/model/procurve.rb | 2 | ||||
-rw-r--r-- | lib/oxidized/output/git.rb | 30 | ||||
-rw-r--r-- | lib/oxidized/version.rb | 2 | ||||
-rw-r--r-- | oxidized.gemspec | 12 |
21 files changed, 192 insertions, 30 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index f4dfe13..cea6fb4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,20 @@ -# 0 14.0 +# 0.14.3 +- BUGFIX: fix git when using multiple groups without single_repo + +# 0.14.2 +- BUGFIX: git expand path for all groups +- BUGFIX: git get_version, teletubbies do it again +- BUGFIX: comware, acos, procurve models + +# 0.14.1 +- BUGFIX: git get_version when groups and single_repo are used + +# 0.14.0 - FEATURE: support supermicro swithes (by @funzoneq) +- FEATURE: support catos switches +- BUGFIX: git+groups+singlerepo (by @PANZERBARON) +- BUGFIX: asa, tmos, ironware, ios-xr +- BUGFIX: mandate net-ssh 3.0.x, don't accept 3.1 (numerous issues) # 0.13.1 - BUGFIX: file permissions (Sigh...) @@ -67,6 +67,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen * Cisco * AireOS * ASA + * CatOS * IOS * IOSXR * NXOS @@ -100,6 +101,8 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen * Juniper * JunOS * ScreenOS (Netscreen) + * Mellanox + * MLNX-OS * Mikrotik * RouterOS * Motorola @@ -127,7 +130,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen Install all required packages and gems. ```shell -apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake +apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev gem install oxidized gem install oxidized-script oxidized-web # if you don't install oxidized-web, make sure you remove "rest" from your config ``` 
@@ -291,6 +294,30 @@ vars: enable: S3cre7 ``` +### Removing secrets + +To strip out secrets from configurations before storing them, Oxidized needs the the remove_secrets flag. You can globally enable this by adding the following snippet to the global sections of the configuration file. + +``` +vars: + remove_secret: true +``` + +Device models can contain substitution filters to remove potentially sensitive data from configs. + +As a partial example from ios.rb: + +``` + cmd :secret do |cfg| + cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>' + (...) + cfg + end +``` +The above strips out snmp community strings from your saved configs. + +**NOTE:** Removing secrets reduces the usefulness as a full configuration backup, but it may make sharing configs easier. + ### Source: CSV One line per device, colon seperated. @@ -403,9 +430,23 @@ output: git: user: Oxidized email: o@example.com - repo: - first: "/var/lib/oxidized/first.git" - second: "/var/lib/oxidized/second.git" + repo: "/var/lib/oxidized/git-repos/default.git" +``` + +Oxidized will create a repository for each group in the same directory as the `default.git`. For +example: + +``` csv +host1:ios:first +host2:nxos:second +``` + +This will generate the following repositories: + +``` bash +$ ls /var/lib/oxidized/git-repos + +default.git first.git second.git ``` If you would like to use groups and a single repository, you can force this with the `single_repo` config. @@ -512,6 +553,7 @@ vars: enable: S3cr3tx groups: {} rest: 127.0.0.1:8888 +pid: ~/.config/oxidized/oxidized.pid input: default: ssh, telnet debug: false diff --git a/extra/auto-reload-config.runit b/extra/auto-reload-config.runit index 5eaecc8..5eaecc8 100644..100755 --- a/extra/auto-reload-config.runit +++ b/extra/auto-reload-config.runit diff --git a/extra/nagios_check_failing_nodes.rb b/extra/nagios_check_failing_nodes.rb index abb34ba..abb34ba 100644..100755 --- a/extra/nagios_check_failing_nodes.rb 
+++ b/extra/nagios_check_failing_nodes.rb diff --git a/extra/oxidized-report-git-commits b/extra/oxidized-report-git-commits index 2fd4870..2fd4870 100644..100755 --- a/extra/oxidized-report-git-commits +++ b/extra/oxidized-report-git-commits diff --git a/extra/oxidized.init b/extra/oxidized.init index 197c5b1..197c5b1 100644..100755 --- a/extra/oxidized.init +++ b/extra/oxidized.init diff --git a/extra/oxidized.init.d b/extra/oxidized.init.d index d2fdf00..d2fdf00 100644..100755 --- a/extra/oxidized.init.d +++ b/extra/oxidized.init.d diff --git a/extra/oxidized.runit b/extra/oxidized.runit index c4ce129..c4ce129 100644..100755 --- a/extra/oxidized.runit +++ b/extra/oxidized.runit diff --git a/extra/syslog.rb b/extra/syslog.rb index e364cf9..e364cf9 100644..100755 --- a/extra/syslog.rb +++ b/extra/syslog.rb diff --git a/lib/oxidized/cli.rb b/lib/oxidized/cli.rb index 0594dcb..9a09d41 100644 --- a/lib/oxidized/cli.rb +++ b/lib/oxidized/cli.rb @@ -24,7 +24,7 @@ module Oxidized Config.load(@opts) Oxidized.setup_logger - @pidfile = File.join(Oxidized::Config::Root, 'pid') + @pidfile = File.expand_path(Oxidized.config.pid) end def crash error diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb index 7884625..1797be6 100644 --- a/lib/oxidized/config.rb +++ b/lib/oxidized/config.rb @@ -30,6 +30,7 @@ module Oxidized asetus.default.rest = '127.0.0.1:8888' # or false to disable asetus.default.vars = {} # could be 'enable'=>'enablePW' asetus.default.groups = {} # group level configuration + asetus.default.pid = File.join(Oxidized::Config::Root, 'pid') asetus.default.input.default = 'ssh, telnet' asetus.default.input.debug = false # or String for session log file diff --git a/lib/oxidized/model/acos.rb b/lib/oxidized/model/acos.rb index 75fbacf..7db8b00 100644 --- a/lib/oxidized/model/acos.rb +++ b/lib/oxidized/model/acos.rb 
@@ -1,5 +1,5 @@ class ACOS < Oxidized::Model - # A10 ACOS model for AX and Thunder series + # A10 ACOS model for AX and Thunder series comment '! ' @@ -17,10 +17,14 @@ class ACOS < Oxidized::Model cmd 'show running-config all-partitions' cmd 'show aflex all-partitions' do |cfg| + comment cfg + end + + cmd 'show aflex all-partitions' do |cfg| @partitions_aflex = cfg.lines.each_with_object({}) do |l,h| h[$1] = [] if l.match /partition: (.+)/ # only consider scripts that have passed syntax check - h[h.keys.last] << $1 if l.match /^([\w-]+) +Check/ + h[h.keys.last] << $1 if l.match /^([\w-]+) +Check/ end '' end @@ -52,18 +56,18 @@ class ACOS < Oxidized::Model username /login:/ password /^Password:/ end - + cfg :telnet, :ssh do # preferred way to handle additional passwords - if vars :enable - post_login do - send "enable\n" - send vars(:enable) + "\n" - end + post_login do + pw = vars(:enable) + pw ||= "" + send "enable\r\n" + cmd pw end post_login 'terminal length 0' post_login 'terminal width 0' - pre_logout "exit\nexit\ny" + pre_logout "exit\nexit\nY\r\n" end end diff --git a/lib/oxidized/model/catos.rb b/lib/oxidized/model/catos.rb new file mode 100644 index 0000000..874ebbc --- /dev/null +++ b/lib/oxidized/model/catos.rb @@ -0,0 +1,36 @@ +class Catos < Oxidized::Model + + prompt /^[\w.@-]+> \(enable\) $/ + comment '# ' + + cmd :all do |cfg| + cfg.each_line.to_a[1..-2].join + end + + cmd 'show system' do |cfg| + cfg = cfg.gsub /(\s+)\d+,\d+:\d+:\d+(\s+)/, '\1X\2' + comment cfg + end + + cmd 'show version' do |cfg| + cfg = cfg.gsub /\d+(K)/, 'X\1' + cfg = cfg.gsub /^(Uptime is ).*/, '\1X' + comment cfg + end + + cmd 'show conf all' do |cfg| + cfg = cfg.sub /^(#time: ).*/, '\1X' + cfg.each_line.drop_while { |line| not line.match /^begin/ }.join + end + + cfg :telnet do + username /^Username: / + password /^Password:/ + end + + cfg :ssh, :telnet do + post_login 'set length 0' + pre_logout 'exit' + end + +end 
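Review bot: The rewritten `post_login` block in the last acos.rb hunk drops the `if vars :enable` guard, so `enable` is sent on every node and an empty string is submitted as the password when no enable secret is configured. Devices that record failed enable attempts would then show an authentication failure on each run. The secret also now goes through `cmd pw` instead of `send`; if the input's `cmd` writes its argument to a debug or session log (not visible on this page), the enable password would land in that log, which is worth confirming before merge. I would keep the guard by wrapping the new block in `if vars :enable` … `end`, and add a comment such as `# pw is sent with cmd so the prompt is awaited; cmd must not log its argument`. The earlier hunk also registers `cmd 'show aflex all-partitions'` twice, so the command appears to run twice per node; the `comment cfg` could be folded into the existing block if its `''` return is not required.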
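Review bot: The new Catos model defines no `cmd :secret` block, so with `remove_secret: true` the output of `show conf all` is presumably stored unfiltered. The README section added in this same commit names per-model substitution filters as the mechanism for stripping secrets. A `cmd :secret do |cfg| … cfg end` block that masks community strings and password lines should be added, with patterns checked against real CatOS output, or the gap should be noted in a comment at the top of the class. In the `show conf all` block, `drop_while { |line| not line.match /^begin/ }` returns an empty config when no line starts with `begin`; a comment saying that this is intended would help.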
diff --git a/lib/oxidized/model/comware.rb b/lib/oxidized/model/comware.rb index 9b36e8b..27b70ae 100644 --- a/lib/oxidized/model/comware.rb +++ b/lib/oxidized/model/comware.rb @@ -13,6 +13,8 @@ class Comware < Oxidized::Model cmd :all do |cfg| #cfg.gsub! /^.*\e\[42D/, '' # example how to handle pager + #skip rogue ^M + cfg = cfg.gsub /\r/, '' cfg.each_line.to_a[1..-2].join end diff --git a/lib/oxidized/model/iosxr.rb b/lib/oxidized/model/iosxr.rb index a622b66..bf01140 100644 --- a/lib/oxidized/model/iosxr.rb +++ b/lib/oxidized/model/iosxr.rb @@ -30,7 +30,7 @@ class IOSXR < Oxidized::Model cfg :telnet do username /^Username:/ - password /^Password:/ + password /^\r?Password:/ end cfg :telnet, :ssh do diff --git a/lib/oxidized/model/ironware.rb b/lib/oxidized/model/ironware.rb index 55b6e57..1e8c30e 100644 --- a/lib/oxidized/model/ironware.rb +++ b/lib/oxidized/model/ironware.rb @@ -23,6 +23,7 @@ class IronWare < Oxidized::Model cmd 'show version' do |cfg| cfg.gsub! /(^((.*)[Ss]ystem uptime(.*))$)/, '' #remove unwanted line system uptime + cfg.gsub! /(^((.*)[Tt]he system started at(.*))$)/, '' cfg.gsub! /[Uu]p\s?[Tt]ime is .*/,'' comment cfg diff --git a/lib/oxidized/model/mlnxos.rb b/lib/oxidized/model/mlnxos.rb new file mode 100644 index 0000000..9542c88 --- /dev/null +++ b/lib/oxidized/model/mlnxos.rb 
@@ -0,0 +1,43 @@ +class MLNXOS < Oxidized::Model + + prompt /([\w.@()-\[:\s\]]+[#>]\s)$/ + comment '## ' + + # Pager Handling + expect /.+lines\s\d+\-\d+([\s]|\/\d+\s\(END\)\s).+$/ do |data, re| + send ' ' + data.sub re, '' + end + + cmd :all do |cfg| + cfg.gsub! /\[\?1h=\r/, '' # Pager Handling + cfg.gsub! /\r\[K/,'' # Pager Handling + cfg.gsub! /\s/, '' # Linebreak Handling + cfg = cfg.lines.to_a[2..-3].join + end + + cmd :secret do |cfg| + cfg.gsub! /(snmp-server community).*/, ' <snmp-server community configuration removed>' + cfg.gsub! /username (\S+) password (\d+) (\S+).*/, '<secret hidden>' + cfg + end + + cmd 'show version' do |cfg| + comment cfg + end + + cmd 'show inventory' do |cfg| + comment cfg + end + + cmd 'enable' + + cmd 'show running-config' do |cfg| + cfg + end + + cfg :ssh do + password /^Password:\s*/ + pre_logout 'exit' + end +end diff --git a/lib/oxidized/model/procurve.rb b/lib/oxidized/model/procurve.rb index e667f48..392f510 100644 --- a/lib/oxidized/model/procurve.rb +++ b/lib/oxidized/model/procurve.rb @@ -2,7 +2,7 @@ class Procurve < Oxidized::Model # some models start lines with \r # previous command is repeated followed by "\eE", which sometimes ends up on last line - prompt /^\r?([\w -]+\eE)?([\w-]+# )$/ + prompt /^\r?([\w -]+\eE)?([\w.-]+# )$/ comment '! ' diff --git a/lib/oxidized/output/git.rb b/lib/oxidized/output/git.rb index 8b605f6..8d9dae1 100644 --- a/lib/oxidized/output/git.rb +++ b/lib/oxidized/output/git.rb @@ -21,7 +21,14 @@ class Git < Output Oxidized.asetus.save :user raise NoConfig, 'no output git config, edit ~/.config/oxidized/config' end - @cfg.repo = File.expand_path @cfg.repo + + if @cfg.repo.respond_to?(:each) + @cfg.repo.each do |group, repo| + @cfg.repo["#{group}="] = File.expand_path repo + end + else + @cfg.repo = File.expand_path @cfg.repo + end end def store file, outputs, opt={} 
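Review bot: In `cmd :all`, the pattern `cfg.gsub! /\s/, ''` as rendered on this page deletes every whitespace character, not only stray line breaks. After that, `cfg.lines.to_a[2..-3]` would be applied to a single line, and the `cmd :secret` patterns that depend on spaces (`username (\S+) password (\d+) (\S+).*`) could not match if they run on the filtered text, leaving credentials in the stored config. If the original pattern contains a control character that the page does not show, write it as an explicit escape; otherwise narrow it to the character actually meant, for example `cfg.gsub! /\r/, ''`. Separately, `()-\[` inside the `prompt` character class is a range from `)` to `[` rather than a literal hyphen, so the prompt matches more than the listed characters; moving the hyphen to the end of the class, `[\w.@()\[:\s\]-]`, makes it literal.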
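Review bot: In the new `respond_to?(:each)` branch of git.rb the expanded path is stored under the key `"#{group}="` rather than `group`, while `update` later reads `repo[@opt[:group]]`. Unless the config object maps a trailing `=` in `[]=` back to the plain key (not visible here), the expanded path is never the one that gets used, and a relative or `~` path reaches `Rugged::Repository.new` unexpanded. Adding keys to the collection inside its own `each` also raises on a plain Hash. If `[]=` takes the plain key, `@cfg.repo[group] = File.expand_path repo` states the intent directly. The enclosing method starts outside the hunk.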
@@ -70,7 +77,10 @@ class Git < Output def version node, group begin repo = @cfg.repo - if group + path = node + if group and @cfg.single_repo? + path = "#{group}/#{node}" + elsif group repo = File.join File.dirname(repo), group + '.git' end repo = Rugged::Repository.new repo @@ -80,7 +90,7 @@ class Git < Output i = -1 tab = [] walker.each do |commit| - if commit.diff(paths: [node]).size > 0 + if commit.diff(paths: [path]).size > 0 hash = {} hash[:date] = commit.time.to_s hash[:oid] = commit.oid @@ -100,8 +110,10 @@ class Git < Output def get_version node, group, oid begin repo = @cfg.repo - if group && group != '' + if group && group != '' && !@cfg.single_repo? repo = File.join File.dirname(repo), group + '.git' + elsif group && group != '' + node = File.join group, node end repo = Rugged::Repository.new repo repo.blob_at(oid,node).content @@ -115,7 +127,7 @@ class Git < Output begin repo = @cfg.repo diff_commits = nil - if group && group != '' + if group && group != '' && !@cfg.single_repo? repo = File.join File.dirname(repo), group + '.git' end repo = Rugged::Repository.new repo @@ -147,13 +159,19 @@ class Git < Output def update repo, file, data return if data.empty? + if @opt[:group] if @cfg.single_repo? file = File.join @opt[:group], file else - repo = File.join File.dirname(repo), @opt[:group] + '.git' + repo = if repo.is_a?(::String) + File.join File.dirname(repo), @opt[:group] + '.git' + else + repo[@opt[:group]] + end end end + begin repo = Rugged::Repository.new repo update_repo repo, file, data, @msg, @user, @email diff --git a/lib/oxidized/version.rb b/lib/oxidized/version.rb index cc69b85..428cd19 100644 --- a/lib/oxidized/version.rb +++ b/lib/oxidized/version.rb @@ -1,3 +1,3 @@ module Oxidized - VERSION = '0.13.1' + VERSION = '0.14.3' end diff --git a/oxidized.gemspec b/oxidized.gemspec index efa21db..9ff795c 100644 --- a/oxidized.gemspec +++ b/oxidized.gemspec 
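Review bot: `update` now accepts a non-String `repo` and reads `repo[@opt[:group]]`, but `version`, `get_version` and `get_diff` still call `File.dirname(repo)` unconditionally, which would raise for a per-group mapping; whether the surrounding `begin` rescues that is outside the hunks. `repo[@opt[:group]]` also yields nil for a group without an entry, and that nil is passed straight to `Rugged::Repository.new`. `version` tests only `if group` while the other methods test `group != ''`, so an empty group there builds the path `"/#{node}"` or the repository name `.git`. Because `group` and `node` are joined into filesystem and in-repo paths in all four methods, one private helper that resolves both and rejects empty names or names containing a path separator would keep them consistent; a sketch follows, with the error type to be aligned with what the callers rescue.

```ruby
# Resolves the repository location and the in-repo path for a node.
def repo_and_path node, group
  repo = @cfg.repo
  path = node
  return [repo, path] if group.nil? || group.empty?
  raise ArgumentError, 'invalid group name' if group.include?(File::SEPARATOR)
  if @cfg.single_repo?
    path = File.join group, node
  elsif repo.is_a?(::String)
    repo = File.join File.dirname(repo), group + '.git'
  else
    repo = repo[group]
    raise ArgumentError, 'no repository configured for group' unless repo
  end
  [repo, path]
end
# … unchanged: version, get_version, get_diff and update would call repo_and_path …
```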
@@ -21,11 +21,11 @@ Gem::Specification.new do |s| s.required_ruby_version = '>= 2.0.0' s.add_runtime_dependency 'asetus', '~> 0.1' s.add_runtime_dependency 'slop', '~> 3.5' - s.add_runtime_dependency 'net-ssh', '~> 3.0', '>= 3.0.2' - s.add_runtime_dependency 'rugged', '~> 0.21', '>= 0.21.4' - s.add_development_dependency 'pry', '~> 0' - s.add_development_dependency 'bundler', '~> 1.10' - s.add_development_dependency 'rake', '~> 10.0' + s.add_runtime_dependency 'net-ssh', '>= 3.0.0', '<3.1' + s.add_runtime_dependency 'rugged', '~> 0.21', '>= 0.21.4' + s.add_development_dependency 'pry', '~> 0' + s.add_development_dependency 'bundler', '~> 1.10' + s.add_development_dependency 'rake', '~> 10.0' s.add_development_dependency 'minitest', '~> 5.8' - s.add_development_dependency 'mocha', '~> 1.1' + s.add_development_dependency 'mocha', '~> 1.1' end |
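Review bot: The new net-ssh constraint `'>= 3.0.0', '<3.1'` lowers the floor from the previous `>= 3.0.2`, so 3.0.0 and 3.0.1 become installable again. If the old floor was deliberate, `s.add_runtime_dependency 'net-ssh', '~> 3.0.2'` keeps it and still excludes 3.1. The upper cap also means that fixes released only in later net-ssh series will not be picked up, so a comment on that line naming the 3.1 problem would tell maintainers when the cap can be lifted. The remaining changed lines in the hunk look like realignment only.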