diff options
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 56 |
1 files changed, 52 insertions, 4 deletions
@@ -67,6 +67,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen * Cisco * AireOS * ASA + * CatOS * IOS * IOSXR * NXOS @@ -100,22 +101,30 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen * Juniper * JunOS * ScreenOS (Netscreen) + * Mellanox + * MLNX-OS * Mikrotik * RouterOS * Motorola * RFS * MRV * MasterOS + * Netonix + * WISP Switch (As Netonix) * Opengear * Opengear * Palo Alto * PANOS + * Quanta + * Quanta / VxWorks 6.6 (1.1.0.8) * Supermicro * Supermicro * Ubiquiti * AirOS * Edgeos * EdgeSwitch + * Watchguard + * Fireware OS * Zyxel * ZyNOS @@ -125,7 +134,7 @@ Oxidized is a network device configuration backup tool. It's a RANCID replacemen Install all required packages and gems. ```shell -apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake +apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev gem install oxidized gem install oxidized-script oxidized-web # if you don't install oxidized-web, make sure you remove "rest" from your config ``` @@ -289,6 +298,30 @@ vars: enable: S3cre7 ``` +### Removing secrets + +To strip out secrets from configurations before storing them, Oxidized needs the the remove_secrets flag. You can globally enable this by adding the following snippet to the global sections of the configuration file. + +``` +vars: + remove_secret: true +``` + +Device models can contain substitution filters to remove potentially sensitive data from configs. + +As a partial example from ios.rb: + +``` + cmd :secret do |cfg| + cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>' + (...) + cfg + end +``` +The above strips out snmp community strings from your saved configs. + +**NOTE:** Removing secrets reduces the usefulness as a full configuration backup, but it may make sharing configs easier. + ### Source: CSV One line per device, colon seperated. @@ -401,9 +434,23 @@ output: git: user: Oxidized email: o@example.com - repo: - first: "/var/lib/oxidized/first.git" - second: "/var/lib/oxidized/second.git" + repo: "/var/lib/oxidized/git-repos/default.git" +``` + +Oxidized will create a repository for each group in the same directory as the `default.git`. For +example: + +``` csv +host1:ios:first +host2:nxos:second +``` + +This will generate the following repositories: + +``` bash +$ ls /var/lib/oxidized/git-repos + +default.git first.git second.git ``` If you would like to use groups and a single repository, you can force this with the `single_repo` config. @@ -510,6 +557,7 @@ vars: enable: S3cr3tx groups: {} rest: 127.0.0.1:8888 +pid: ~/.config/oxidized/oxidized.pid input: default: ssh, telnet debug: false |