summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/oxidized/config.rb1
-rw-r--r--lib/oxidized/config/vars.rb6
-rw-r--r--lib/oxidized/hook/exec.rb1
-rw-r--r--lib/oxidized/hook/slackdiff.rb6
-rw-r--r--lib/oxidized/model/airos.rb13
-rw-r--r--lib/oxidized/model/boss.rb76
-rw-r--r--lib/oxidized/model/firewareos.rb8
-rw-r--r--lib/oxidized/model/fortios.rb3
-rw-r--r--lib/oxidized/model/hirschmann.rb41
-rw-r--r--lib/oxidized/model/ios.rb88
-rw-r--r--lib/oxidized/model/mlnxos.rb2
-rw-r--r--lib/oxidized/model/netgear.rb32
-rw-r--r--lib/oxidized/model/pfsense.rb2
-rw-r--r--lib/oxidized/model/powerconnect.rb1
-rw-r--r--lib/oxidized/model/quantaos.rb2
-rw-r--r--lib/oxidized/model/routeros.rb8
-rw-r--r--lib/oxidized/model/siklu.rb19
-rw-r--r--lib/oxidized/model/voltaire.rb56
-rw-r--r--lib/oxidized/model/voss.rb36
-rw-r--r--lib/oxidized/model/vrp.rb6
-rw-r--r--lib/oxidized/node.rb44
-rw-r--r--lib/oxidized/output/gitcrypt.rb244
-rw-r--r--lib/oxidized/version.rb2
23 files changed, 668 insertions, 29 deletions
diff --git a/lib/oxidized/config.rb b/lib/oxidized/config.rb
index aba8b63..23af9c2 100644
--- a/lib/oxidized/config.rb
+++ b/lib/oxidized/config.rb
@@ -31,6 +31,7 @@ module Oxidized
asetus.default.next_adds_job = false # if true, /next adds job, so device is fetched immmeiately
asetus.default.vars = {} # could be 'enable'=>'enablePW'
asetus.default.groups = {} # group level configuration
+ asetus.default.models = {} # model level configuration
asetus.default.pid = File.join(Oxidized::Config::Root, 'pid')
asetus.default.input.default = 'ssh, telnet'
diff --git a/lib/oxidized/config/vars.rb b/lib/oxidized/config/vars.rb
index 09f9781..d926ee2 100644
--- a/lib/oxidized/config/vars.rb
+++ b/lib/oxidized/config/vars.rb
@@ -8,8 +8,12 @@ module Oxidized::Config::Vars
r ||= Oxidized.config.groups[@node.group].vars[name.to_s]
end
end
+ if Oxidized.config.models.has_key?(@node.model.class.name.to_s.downcase)
+ if Oxidized.config.models[@node.model.class.name.to_s.downcase].vars.has_key?(name.to_s)
+ r ||= Oxidized.config.models[@node.model.class.name.to_s.downcase].vars[name.to_s]
+ end
+ end
r ||= Oxidized.config.vars[name.to_s] if Oxidized.config.vars.has_key?(name.to_s)
r
end
end
-
diff --git a/lib/oxidized/hook/exec.rb b/lib/oxidized/hook/exec.rb
index 58d6fd5..fa8aff1 100644
--- a/lib/oxidized/hook/exec.rb
+++ b/lib/oxidized/hook/exec.rb
@@ -67,6 +67,7 @@ class Exec < Oxidized::Hook
if ctx.node
env.merge!(
"OX_NODE_NAME" => ctx.node.name.to_s,
+ "OX_NODE_IP" => ctx.node.ip.to_s,
"OX_NODE_FROM" => ctx.node.from.to_s,
"OX_NODE_MSG" => ctx.node.msg.to_s,
"OX_NODE_GROUP" => ctx.node.group.to_s,
diff --git a/lib/oxidized/hook/slackdiff.rb b/lib/oxidized/hook/slackdiff.rb
index b37c9c4..61f1743 100644
--- a/lib/oxidized/hook/slackdiff.rb
+++ b/lib/oxidized/hook/slackdiff.rb
@@ -10,7 +10,11 @@ class SlackDiff < Oxidized::Hook
if ctx.node
if ctx.event.to_s == "post_store"
log "Connecting to slack"
- client = Slack::Client.new token: cfg.token
+ Slack.configure do |config|
+ config.token = cfg.token
+ config.proxy = cfg.proxy if cfg.has_key?('proxy')
+ end
+ client = Slack::Client.new
client.auth_test
log "Connected"
gitoutput = ctx.node.output.new
diff --git a/lib/oxidized/model/airos.rb b/lib/oxidized/model/airos.rb
index 775005f..7d82956 100644
--- a/lib/oxidized/model/airos.rb
+++ b/lib/oxidized/model/airos.rb
@@ -1,14 +1,19 @@
class Airos < Oxidized::Model
# Ubiquiti AirOS circa 5.x
-
+
prompt /^[^#]+# /
-
+ comment '# '
+
cmd 'cat /etc/board.info' do |cfg|
cfg.split("\n").map { |line| "# #{line}" }.join("\n") + "\n"
end
-
+
+ cmd 'cat /etc/version' do |cfg|
+ comment "airos version: #{cfg}"
+ end
+
cmd 'sort /tmp/system.cfg'
-
+
cmd :secret do |cfg|
cfg.gsub! /^(users\.\d+\.password|snmp\.community)=.+/, "# \\1=<hidden>"
cfg
diff --git a/lib/oxidized/model/boss.rb b/lib/oxidized/model/boss.rb
new file mode 100644
index 0000000..02201a1
--- /dev/null
+++ b/lib/oxidized/model/boss.rb
@@ -0,0 +1,76 @@
+class Boss < Oxidized::Model
+ # Avaya Baystack Operating System Software(BOSS)
+ # Created by danielcoxman@gmail.com
+ # May 15, 2017
+ # This was tested on ers3510, ers5530, ers4850, ers5952
+ # ssh and telnet were tested with banner and without
+
+ comment '! '
+
+ prompt /^[^\s#>]+[#>]$/
+
+ # Handle the banner
+ # to disable the banner on BOSS the configuration parameter is "banner disabled"
+ expect /Enter Ctrl-Y to begin\./ do |data, re|
+ send "\cY"
+ data.sub re, ''
+ end
+
+ # Handle the Failed retries since last login
+ # no known way to disable other than to implement radius authentication
+ expect /Press ENTER to continue/ do |data, re|
+ send "\n"
+ data.sub re, ''
+ end
+
+ # Handle the menu on the older BOSS example ers55xx, ers56xx
+ # to disable them menu on BOSS the configuration parameter is "cmd-interface cli"
+ expect /ommand Line Interface\.\.\./ do |data, re|
+ send "c"
+ data.sub re, ''
+ end
+
+ # needed for proper formatting
+ cmd('') { |cfg| comment "#{cfg}\n" }
+
+ # Do a sys-info and check and see if it supports stack
+ cmd 'show sys-info' do |cfg|
+ @stack = true if cfg.match /Stack/
+ cfg.gsub! /(^((.*)sysUpTime(.*))$)/, 'removed sysUpTime'
+ cfg.gsub! /(^((.*)sysNtpTime(.*))$)/, 'removed sysNtpTime'
+ cfg.gsub! /(^((.*)sysRtcTime(.*))$)/, 'removed sysNtpTime'
+ # remove timestamp
+ cfg.gsub! /\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} .*/, ''
+ comment "#{cfg}\n"
+ end
+
+ # if a stack then collect the stacking information
+ cmd 'show stack-info' do |cfg|
+ if @stack
+ # remove timestamp
+ cfg.gsub! /\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} .*/, ''
+ comment "#{cfg}\n"
+ end
+ end
+
+ cmd 'show running-config' do |cfg|
+ cfg.gsub! /^show running-config/, '! show running-config'
+ # remove timestamp
+ cfg.gsub! /\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} .*/, ''
+ cfg.gsub! /^[^\s#>]+[#>]$/, ''
+ cfg.gsub! /^! clock set.*/, '! removed clock set'
+ cfg
+ end
+
+ cfg :telnet do
+ username /Username: /
+ password /Password: /
+ end
+
+ cfg :telnet, :ssh do
+ pre_logout 'logout'
+ post_login 'terminal length 0'
+ post_login 'terminal width 132'
+ end
+
+end
diff --git a/lib/oxidized/model/firewareos.rb b/lib/oxidized/model/firewareos.rb
index f2bef4c..f456c60 100644
--- a/lib/oxidized/model/firewareos.rb
+++ b/lib/oxidized/model/firewareos.rb
@@ -1,12 +1,18 @@
class FirewareOS < Oxidized::Model
- prompt /^\[?\w*\]?\w*<?\w*>?#\s*$/
+ prompt /^([\w.@-]+[#>]\s?)$/
comment '-- '
cmd :all do |cfg|
cfg.each_line.to_a[1..-2].join
end
+ # Handle Logon Disclaimer added in XTM 11.9.3
+ expect /^I have read and accept the Logon Disclaimer message. \(yes or no\)\? $/ do |data, re|
+ send "yes\n"
+ data.sub re, ''
+ end
+
cmd 'show sysinfo' do |cfg|
# avoid commits due to uptime
cfg = cfg.each_line.select { |line| not line.match /(.*time.*)|(.*memory.*)|(.*cpu.*)/ }
diff --git a/lib/oxidized/model/fortios.rb b/lib/oxidized/model/fortios.rb
index 2415537..0249933 100644
--- a/lib/oxidized/model/fortios.rb
+++ b/lib/oxidized/model/fortios.rb
@@ -15,7 +15,7 @@ class FortiOS < Oxidized::Model
end
cmd :secret do |cfg|
- cfg.gsub! /(set (?:passwd|password|psksecret)).*/, '\\1 <configuration removed>'
+ cfg.gsub! /(set (?:passwd|password|psksecret|secret|key ENC)).*/, '\\1 <configuration removed>'
cfg.gsub! /(set private-key).*-+END ENCRYPTED PRIVATE KEY-*"$/m , '\\1 <configuration removed>'
cfg
end
@@ -38,6 +38,7 @@ class FortiOS < Oxidized::Model
#do not include if variable "show_autoupdate" is set to false
if defined?(vars(:fortios_autoupdate)).nil? || vars(:fortios_autoupdate)
cfg << cmd('diagnose autoupdate version') do |cfg|
+ cfg.gsub! /(FDS Address\n---------\n).*/, '\\1IP Address removed'
comment cfg.each_line.reject { |line| line.match /Last Update|Result/ }.join
end
end
diff --git a/lib/oxidized/model/hirschmann.rb b/lib/oxidized/model/hirschmann.rb
new file mode 100644
index 0000000..82432d7
--- /dev/null
+++ b/lib/oxidized/model/hirschmann.rb
@@ -0,0 +1,41 @@
+class Hirschmann < Oxidized::Model
+
+ prompt /^[\(\w\s\w\)]+\s[>|#]+?$/
+
+ comment '## '
+
+ #Handle pager
+ expect /^--More--.*$/ do |data, re|
+ send 'a'
+ data.sub re, ''
+ end
+
+ cmd :all do |cfg|
+ cfg.each_line.to_a[1..-2].join
+ end
+
+ cmd 'show sysinfo' do |cfg|
+ cfg.gsub! /^System Up Time.*\n/, ""
+ cfg.gsub! /^System Date and Time.*\n/, ""
+ cfg.gsub! /^CPU Utilization.*\n/, ""
+ cfg.gsub! /^Memory.*\n/, ""
+ cfg.gsub! /^Average CPU Utilization.*\n/, ""
+ comment cfg
+ end
+
+ cmd 'show running-config' do |cfg|
+ cfg.gsub! /^users.*\n/, ""
+ cfg
+ end
+
+ cfg :telnet do
+ username /^User:/
+ password /^Password:/
+ end
+
+ cfg :telnet, :ssh do
+ post_login 'enable'
+ pre_logout 'logout'
+ end
+
+end
diff --git a/lib/oxidized/model/ios.rb b/lib/oxidized/model/ios.rb
index 94a3ab0..c3d5543 100644
--- a/lib/oxidized/model/ios.rb
+++ b/lib/oxidized/model/ios.rb
@@ -19,24 +19,96 @@ class IOS < Oxidized::Model
cmd :all do |cfg|
#cfg.gsub! /\cH+\s{8}/, '' # example how to handle pager
#cfg.gsub! /\cH+/, '' # example how to handle pager
+ # get rid of errors for commands that don't work on some devices
+ cfg.gsub! /^% Invalid input detected at '\^' marker\.$|^\s+\^$/, ''
cfg.each_line.to_a[1..-2].join
end
cmd :secret do |cfg|
cfg.gsub! /^(snmp-server community).*/, '\\1 <configuration removed>'
- cfg.gsub! /username (\S+) privilege (\d+) (\S+).*/, '<secret hidden>'
- cfg.gsub! /^username \S+ password \d \S+/, '<secret hidden>'
- cfg.gsub! /^username \S+ secret \d \S+/, '<secret hidden>'
- cfg.gsub! /^enable (password|secret) \d \S+/, '<secret hidden>'
+ cfg.gsub! /^(username \S+ privilege \d+) (\S+).*/, '\\1 <secret hidden>'
+ cfg.gsub! /^(username \S+ password \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(username \S+ secret \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(enable (password|secret) \d) (\S+)/, '\\1 <secret hidden>'
cfg.gsub! /^(\s+(?:password|secret)) (?:\d )?\S+/, '\\1 <secret hidden>'
- cfg.gsub! /wpa-psk ascii \d \S+/, '<secret hidden>'
- cfg.gsub! /key 7 \d.+/, '<secret hidden>'
- cfg.gsub! /^tacacs-server key \d \S+/, '<secret hidden>'
+ cfg.gsub! /^(.*wpa-psk ascii \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(.*key 7) (\d.+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(tacacs-server key \d) (\S+)/, '\\1 <secret hidden>'
+ cfg.gsub! /^(crypto isakmp key) (\S+) (.*)/, '\\1 <secret hidden> \\3'
cfg
end
cmd 'show version' do |cfg|
- comment cfg.lines.first
+ comments = []
+ comments << cfg.lines.first
+ lines = cfg.lines
+ lines.each_with_index do |line,i|
+ slave = ''
+ slaveslot = ''
+
+ if line.match /^Slave in slot (\d+) is running/
+ slave = " Slave:";
+ slaveslot = ", slot #{$1}";
+ end
+
+ if line.match /^Compiled (.*)$/
+ comments << "Image:#{slave} Compiled: #{$1}"
+ end
+
+ if line.match /^(?:Cisco )?IOS .* Software,? \(([A-Za-z0-9_-]*)\), .*Version\s+(.*)$/
+ comments << "Image:#{slave} Software: #{$1}, #{$2}"
+ end
+
+ if line.match /^ROM: (IOS \S+ )?(System )?Bootstrap.*(Version.*)$/
+ comments << "ROM Bootstrap: #{$3}"
+ end
+
+ if line.match /^BOOTFLASH: .*(Version.*)$/
+ comments << "BOOTFLASH: #{$1}"
+ end
+
+ if line.match /^(\d+[kK]) bytes of (non-volatile|NVRAM)/
+ comments << "Memory: nvram #{$1}"
+ end
+
+ if line.match /^(\d+[kK]) bytes of (flash memory|flash internal|processor board System flash|ATA CompactFlash)/i
+ comments << "Memory: flash #{$1}"
+ end
+
+ if line.match (/^(\d+[kK]) bytes of (Flash|ATA)?.*PCMCIA .*(slot|disk) ?(\d)/i)
+ comments << "Memory: pcmcia #{$2} #{$3}#{$4} #{$1}";
+ end
+
+ if line.match /(\S+(?:\sseries)?)\s+(?:\((\S+)\)\s+processor|\(revision[^)]+\)).*\s+with (\S+k) bytes/i
+ sproc = $1
+ cpu = $2
+ mem = $3
+ cpuxtra = ''
+ comments << "Chassis type:#{slave} #{sproc}";
+ comments << "Memory:#{slave} main #{mem}";
+ # check the next two lines for more CPU info
+ if cfg.lines[i+1].match /processor board id (\S+)/i
+ comments << "Processor ID: #{$1}";
+ end
+ if cfg.lines[i+2].match /(cpu at |processor: |#{cpu} processor,)/i
+ # change implementation to impl and prepend comma
+ cpuxtra = cfg.lines[i+2].gsub(/implementation/,'impl').gsub(/^/,', ').chomp;
+ end
+ comments << "CPU:#{slave} #{cpu}#{cpuxtra}#{slaveslot}";
+ end
+
+ if line.match /^System image file is "([^\"]*)"$/
+ comments << "Image: #{$1}"
+ end
+ end
+ comments << "\n"
+ comment comments.join "\n"
+ end
+
+ cmd 'show vtp status' do |cfg|
+ cfg.gsub! /^$\n/, ''
+ cfg.gsub! /^/, 'VTP: ' if (!cfg.empty?)
+ comment "#{cfg}\n"
end
cmd 'show inventory' do |cfg|
diff --git a/lib/oxidized/model/mlnxos.rb b/lib/oxidized/model/mlnxos.rb
index 97e7098..49f3369 100644
--- a/lib/oxidized/model/mlnxos.rb
+++ b/lib/oxidized/model/mlnxos.rb
@@ -42,6 +42,6 @@ class MLNXOS < Oxidized::Model
cfg :ssh do
password /^Password:\s*/
- pre_logout 'exit'
+ pre_logout "\nexit"
end
end
diff --git a/lib/oxidized/model/netgear.rb b/lib/oxidized/model/netgear.rb
new file mode 100644
index 0000000..08c64d3
--- /dev/null
+++ b/lib/oxidized/model/netgear.rb
@@ -0,0 +1,32 @@
+class Netgear < Oxidized::Model
+
+ comment '!'
+ prompt /^(\([\w-]+\)\s[#>])$/
+
+ cmd :secret do |cfg|
+ cfg.gsub!(/password (\S+)/, 'password <hidden>')
+ cfg
+ end
+
+ cfg :telnet, :ssh do
+ if vars :enable
+ post_login do
+ cmd 'enable'
+ # Interpret enable: true as meaning we won't be prompted for a password
+ unless vars(:enable).is_a? TrueClass
+ expect /[pP]assword:\s?$/
+ cmd vars(:enable) + "\n"
+ end
+ expect /^.+[#]$/
+ end
+ end
+ post_login 'terminal length 0'
+ pre_logout 'exit'
+ pre_logout 'quit'
+ end
+
+ cmd 'show running-config' do |cfg|
+ cfg.gsub! /^(!.*Time).*$/, '\1'
+ end
+
+end
diff --git a/lib/oxidized/model/pfsense.rb b/lib/oxidized/model/pfsense.rb
index 782969e..5849160 100644
--- a/lib/oxidized/model/pfsense.rb
+++ b/lib/oxidized/model/pfsense.rb
@@ -3,7 +3,7 @@ class PfSense < Oxidized::Model
# use other use than 'admin' user, 'admin' user cannot get ssh/exec. See issue #535
cmd :all do |cfg|
- cfg.each_line.to_a[1..-2].join
+ cfg.each_line.to_a[1..-1].join
end
cmd 'cat /cf/conf/config.xml' do |cfg|
diff --git a/lib/oxidized/model/powerconnect.rb b/lib/oxidized/model/powerconnect.rb
index ac36c26..618f05a 100644
--- a/lib/oxidized/model/powerconnect.rb
+++ b/lib/oxidized/model/powerconnect.rb
@@ -67,6 +67,7 @@ class PowerConnect < Oxidized::Model
end
out << line.strip
end
+ out = out.select { |line| not line[/Up\sTime/] }
out = comment out.join "\n"
out << "\n"
end
diff --git a/lib/oxidized/model/quantaos.rb b/lib/oxidized/model/quantaos.rb
index 274440d..5197aa8 100644
--- a/lib/oxidized/model/quantaos.rb
+++ b/lib/oxidized/model/quantaos.rb
@@ -12,7 +12,7 @@ class QuantaOS < Oxidized::Model
end
cfg :telnet do
- username /^Username:/
+ username /^User(name)?:/
password /^Password:/
end
diff --git a/lib/oxidized/model/routeros.rb b/lib/oxidized/model/routeros.rb
index 5717100..31650c7 100644
--- a/lib/oxidized/model/routeros.rb
+++ b/lib/oxidized/model/routeros.rb
@@ -10,6 +10,10 @@ class RouterOS < Oxidized::Model
comment cfg
end
+ cmd '/system history print' do |cfg|
+ comment cfg
+ end
+
cmd '/export' do |cfg|
cfg.gsub! /\x1B\[([0-9]{1,3}((;[0-9]{1,3})*)?)?[m|K]/, '' # strip ANSI colours
cfg.gsub! /\\\r\n\s+/, '' # strip new line
@@ -22,6 +26,10 @@ class RouterOS < Oxidized::Model
password /^Password:/
end
+ cfg :telnet, :ssh do
+ pre_logout 'quit'
+ end
+
cfg :ssh do
exec true
end
diff --git a/lib/oxidized/model/siklu.rb b/lib/oxidized/model/siklu.rb
new file mode 100644
index 0000000..2bdfbc3
--- /dev/null
+++ b/lib/oxidized/model/siklu.rb
@@ -0,0 +1,19 @@
+class Siklu < Oxidized::Model
+
+ # Siklu EtherHaul #
+
+ prompt /^[\w-]+>$/
+
+ cmd 'copy startup-configuration display' do |cfg|
+ cfg.each_line.to_a[2..2].join
+ end
+
+ cmd 'copy running-configuration display' do |cfg|
+ cfg.each_line.to_a[3..-2].join
+ end
+
+ cfg :ssh do
+ pre_logout 'exit'
+ end
+
+end
diff --git a/lib/oxidized/model/voltaire.rb b/lib/oxidized/model/voltaire.rb
new file mode 100644
index 0000000..1e7fad2
--- /dev/null
+++ b/lib/oxidized/model/voltaire.rb
@@ -0,0 +1,56 @@
+class VOLTAIRE < Oxidized::Model
+
+ prompt /([\w.@()-\[:\s\]]+[#>]\s|(One or more tests have failed.*))$/
+ comment '## '
+
+ # Pager Handling
+ expect /.+lines\s\d+\-\d+([\s]|\/\d+\s\(END\)\s).+$/ do |data, re|
+ send ' '
+ data.sub re, ''
+ end
+
+
+ cmd :all do |cfg|
+ cfg.gsub! /\[\?1h=\r/, '' # Pager Handling
+ cfg.gsub! /\r\[K/,'' # Pager Handling
+ cfg.gsub! /\s/, '' # Linebreak Handling
+ cfg.gsub! /^CPU\ load\ averages\:\s.+/, '' # Omit constantly changing CPU info
+ cfg.gsub! /^System\ memory\:\s.+/, '' # Omit constantly changing memory info
+ cfg.gsub! /^Uptime\:\s.+/, '' # Omit constantly changing uptime info
+ cfg.gsub! /.+Generated\ at\s\d+.+/, '' # Omit constantly changing generation time info
+ cfg = cfg.lines.to_a[2..-3].join
+ end
+
+ cmd :secret do |cfg|
+ cfg.gsub! /(snmp-server community).*/, ' <snmp-server community configuration removed>'
+ cfg.gsub! /username (\S+) password (\d+) (\S+).*/, '<secret hidden>'
+ cfg
+ end
+
+
+ cmd 'version show' do |cfg|
+ comment cfg
+ end
+
+ cmd 'firmware-version show' do |cfg|
+ comment cfg
+ end
+
+ cmd 'remote show' do |cfg|
+ cfg
+ end
+
+ cmd 'sm-info show' do |cfg|
+ cfg
+ end
+
+ cmd ' show' do |cfg|
+ cfg
+ end
+
+ cfg :ssh do
+ post_login "no\n"
+ password /^Password:\s*/
+ pre_logout 'exit'
+ end
+end
diff --git a/lib/oxidized/model/voss.rb b/lib/oxidized/model/voss.rb
new file mode 100644
index 0000000..599462a
--- /dev/null
+++ b/lib/oxidized/model/voss.rb
@@ -0,0 +1,36 @@
+class Voss < Oxidized::Model
+ # Avaya VSP Operating System Software(VOSS)
+ # Created by danielcoxman@gmail.com
+ # May 15, 2017
+ # This was tested on vsp4k and vsp8k
+
+ comment '# '
+
+ prompt /^[^\s#>]+[#>]$/
+
+ # needed for proper formatting after post_login
+ cmd('') { |cfg| comment "#{cfg}\n" }
+ # get some general information about switch
+ cmd('show sys-info card') { |cfg| comment "#{cfg}\n" }
+ cmd('show sys-info fan') { |cfg| comment "#{cfg}\n" }
+ cmd('show sys-info power') { |cfg| comment "#{cfg}\n" }
+
+ # more the config rather than doing a show run
+ cmd 'more config.cfg' do |cfg|
+ cfg
+ cfg.gsub! /^[^\s#>]+[#>]$/, ''
+ cfg.gsub! /^more config.cfg/, '# more config.cfg'
+ end
+
+ cfg :telnet do
+ username /Login: $/
+ password /Password: $/
+ end
+
+ cfg :telnet, :ssh do
+ pre_logout 'exit'
+ post_login 'enable'
+ post_login 'terminal more disable'
+ end
+
+end
diff --git a/lib/oxidized/model/vrp.rb b/lib/oxidized/model/vrp.rb
index 12a9ca3..98229c3 100644
--- a/lib/oxidized/model/vrp.rb
+++ b/lib/oxidized/model/vrp.rb
@@ -4,6 +4,12 @@ class VRP < Oxidized::Model
prompt /^(<[\w.-]+>)$/
comment '# '
+ cmd :secret do |cfg|
+ cfg.gsub! /(pin verify (?:auto|)).*/, '\\1 <PIN hidden>'
+ cfg.gsub! /(%\^%#.*%\^%#)/, '<secret hidden>'
+ cfg
+ end
+
cmd :all do |cfg|
cfg.each_line.to_a[1..-2].join
end
diff --git a/lib/oxidized/node.rb b/lib/oxidized/node.rb
index 6f89b56..8d0d0af 100644
--- a/lib/oxidized/node.rb
+++ b/lib/oxidized/node.rb
@@ -166,18 +166,32 @@ module Oxidized
end
def resolve_repo opt
- return unless is_git? opt
-
- remote_repo = Oxidized.config.output.git.repo
-
- if remote_repo.is_a?(::String)
- if Oxidized.config.output.git.single_repo? || @group.nil?
- remote_repo
+ if is_git? opt
+ remote_repo = Oxidized.config.output.git.repo
+
+ if remote_repo.is_a?(::String)
+ if Oxidized.config.output.git.single_repo? || @group.nil?
+ remote_repo
+ else
+ File.join(File.dirname(remote_repo), @group + '.git')
+ end
+ else
+ remote_repo[@group]
+ end
+ elsif is_gitcrypt? opt
+ remote_repo = Oxidized.config.output.gitcrypt.repo
+
+ if remote_repo.is_a?(::String)
+ if Oxidized.config.output.gitcrypt.single_repo? || @group.nil?
+ remote_repo
+ else
+ File.join(File.dirname(remote_repo), @group + '.git')
+ end
else
- File.join(File.dirname(remote_repo), @group + '.git')
+ remote_repo[@group]
end
else
- remote_repo[@group]
+ return
end
end
@@ -202,6 +216,14 @@ module Oxidized
end
end
+ #model
+ if Oxidized.config.models.has_key?(@model.class.name.to_s.downcase)
+ if Oxidized.config.models[@model.class.name.to_s.downcase].has_key?(key_str)
+ value = Oxidized.config.models[@model.class.name.to_s.downcase][key_str]
+ Oxidized.logger.debug "node.rb: setting node key '#{key}' to value '#{value}' from model"
+ end
+ end
+
#node
value = opt[key_sym] || value
Oxidized.logger.debug "node.rb: returning node key '#{key}' with value '#{value}'"
@@ -212,5 +234,9 @@ module Oxidized
(opt[:output] || Oxidized.config.output.default) == 'git'
end
+ def is_gitcrypt? opt
+ (opt[:output] || Oxidized.config.output.default) == 'gitcrypt'
+ end
+
end
end
diff --git a/lib/oxidized/output/gitcrypt.rb b/lib/oxidized/output/gitcrypt.rb
new file mode 100644
index 0000000..b0d80f2
--- /dev/null
+++ b/lib/oxidized/output/gitcrypt.rb
@@ -0,0 +1,244 @@
+module Oxidized
+ class GitCrypt < Output
+ class GitCryptError < OxidizedError; end
+ begin
+ require 'git'
+ rescue LoadError
+ raise OxidizedError, 'git not found: sudo gem install ruby-git'
+ end
+
+ attr_reader :commitref
+
+ def initialize
+ @cfg = Oxidized.config.output.gitcrypt
+ @gitcrypt_cmd = "/usr/bin/git-crypt"
+ @gitcrypt_init = @gitcrypt_cmd + " init"
+ @gitcrypt_unlock = @gitcrypt_cmd + " unlock"
+ @gitcrypt_lock = @gitcrypt_cmd + " lock"
+ @gitcrypt_adduser = @gitcrypt_cmd + " add-gpg-user --trusted "
+ end
+
+ def setup
+ if @cfg.empty?
+ Oxidized.asetus.user.output.gitcrypt.user = 'Oxidized'
+ Oxidized.asetus.user.output.gitcrypt.email = 'o@example.com'
+ Oxidized.asetus.user.output.gitcrypt.repo = File.join(Config::Root, 'oxidized.git')
+ Oxidized.asetus.save :user
+ raise NoConfig, 'no output git config, edit ~/.config/oxidized/config'
+ end
+
+ if @cfg.repo.respond_to?(:each)
+ @cfg.repo.each do |group, repo|
+ @cfg.repo["#{group}="] = File.expand_path repo
+ end
+ else
+ @cfg.repo = File.expand_path @cfg.repo
+ end
+ end
+
+ def crypt_init repo
+ repo.chdir do
+ system(@gitcrypt_init)
+ @cfg.users.each do |user|
+ system("#{@gitcrypt_adduser} #{user}")
+ end
+ File.write(".gitattributes", "* filter=git-crypt diff=git-crypt\n.gitattributes !filter !diff")
+ repo.add(".gitattributes")
+ repo.commit("Initial commit: crypt all config files")
+ end
+ end
+
+ def lock repo
+ repo.chdir do
+ system(@gitcrypt_lock)
+ end
+ end
+
+ def unlock repo
+ repo.chdir do
+ system(@gitcrypt_unlock)
+ end
+ end
+
+ def store file, outputs, opt={}
+ @msg = opt[:msg]
+ @user = (opt[:user] or @cfg.user)
+ @email = (opt[:email] or @cfg.email)
+ @opt = opt
+ @commitref = nil
+ repo = @cfg.repo
+
+ outputs.types.each do |type|
+ type_cfg = ''
+ type_repo = File.join(File.dirname(repo), type + '.git')
+ outputs.type(type).each do |output|
+ (type_cfg << output; next) if not output.name
+ type_file = file + '--' + output.name
+ if @cfg.type_as_directory?
+ type_file = type + '/' + type_file
+ type_repo = repo
+ end
+ update type_repo, type_file, output
+ end
+ update type_repo, file, type_cfg
+ end
+
+ update repo, file, outputs.to_cfg
+ end
+
+
+ def fetch node, group
+ begin
+ repo, path = yield_repo_and_path(node, group)
+ repo = Git.open repo
+ unlock repo
+ index = repo.index
+ # Empty repo ?
+ empty = File.exists? index.path
+ if empty
+ raise 'Empty git repo'
+ else
+ File.read path
+ end
+ lock repo
+ rescue
+ 'node not found'
+ end
+ end
+
+ # give a hash of all oid revision for the given node, and the date of the commit
+ def version node, group
+ begin
+ repo, path = yield_repo_and_path(node, group)
+
+ repo = Git.open repo
+ unlock repo
+ walker = repo.log.path(path)
+ i = -1
+ tab = []
+ walker.each do |commit|
+ hash = {}
+ hash[:date] = commit.date.to_s
+ hash[:oid] = commit.objectish
+ hash[:author] = commit.author
+ hash[:message] = commit.message
+ tab[i += 1] = hash
+ end
+ walker.reset
+ tab
+ rescue
+ 'node not found'
+ end
+ end
+
+ #give the blob of a specific revision
+ def get_version node, group, oid
+ begin
+ repo, path = yield_repo_and_path(node, group)
+ repo = Git.open repo
+ unlock repo
+ repo.gtree(oid).files[path].contents
+ rescue
+ 'version not found'
+ ensure
+ lock repo
+ end
+ end
+
+ #give a hash with the patch of a diff between 2 revision and the stats (added and deleted lines)
+ def get_diff node, group, oid1, oid2
+ begin
+ diff_commits = nil
+ repo, path = yield_repo_and_path(node, group)
+ repo = Git.open repo
+ unlock repo
+ commit = repo.gcommit(oid1)
+
+ if oid2
+ commit_old = repo.gcommit(oid2)
+ diff = repo.diff(commit_old, commit)
+ stats = [diff.stats[:files][node.name][:insertions], diff.stats[:files][node.name][:deletions]]
+ diff.each do |patch|
+ if /#{node.name}\s+/.match(patch.patch.to_s.lines.first)
+ diff_commits = {:patch => patch.patch.to_s, :stat => stats}
+ break
+ end
+ end
+ else
+ stat = commit.parents[0].diff(commit).stats
+ stat = [stat[:files][node.name][:insertions],stat[:files][node.name][:deletions]]
+ patch = commit.parents[0].diff(commit).patch
+ diff_commits = {:patch => patch, :stat => stat}
+ end
+ lock repo
+ diff_commits
+ rescue
+ 'no diffs'
+ ensure
+ lock repo
+ end
+ end
+
+ private
+
+ def yield_repo_and_path(node, group)
+ repo, path = node.repo, node.name
+
+ if group and @cfg.single_repo?
+ path = "#{group}/#{node.name}"
+ end
+
+ [repo, path]
+ end
+
+ def update repo, file, data
+ return if data.empty?
+
+ if @opt[:group]
+ if @cfg.single_repo?
+ file = File.join @opt[:group], file
+ else
+ repo = if repo.is_a?(::String)
+ File.join File.dirname(repo), @opt[:group] + '.git'
+ else
+ repo[@opt[:group]]
+ end
+ end
+ end
+
+ begin
+ update_repo repo, file, data, @msg, @user, @email
+ rescue Git::GitExecuteError, ArgumentError => open_error
+ Oxidized.logger.debug "open_error #{open_error} #{file}"
+ begin
+ grepo = Git.init repo
+ crypt_init grepo
+ rescue => create_error
+ raise GitCryptError, "first '#{open_error.message}' was raised while opening git repo, then '#{create_error.message}' was while trying to create git repo"
+ end
+ retry
+ end
+ end
+
+ def update_repo repo, file, data, msg, user, email
+ grepo = Git.open repo
+ grepo.config('user.name', user)
+ grepo.config('user.email', email)
+ grepo.chdir do
+ unlock grepo
+ File.write(file, data)
+ grepo.add(file)
+ if grepo.status[file].nil?
+ grepo.commit(msg)
+ @commitref = grepo.log(1).first.objectish
+ true
+ elsif !grepo.status[file].type.nil?
+ grepo.commit(msg)
+ @commitref = grepo.log(1).first.objectish
+ true
+ end
+ lock grepo
+ end
+ end
+ end
+end
diff --git a/lib/oxidized/version.rb b/lib/oxidized/version.rb
index 073aae9..221cffa 100644
--- a/lib/oxidized/version.rb
+++ b/lib/oxidized/version.rb
@@ -1,3 +1,3 @@
module Oxidized
- VERSION = '0.19.0'
+ VERSION = '0.20.0'
end