0

I use RANCID to back up router and switch configurations.

I'd also like to be able to have it take automatic backups of configuration files on my servers so I can easily see when changes occur and if something breaks, revert to the last known config.

There are a number of approaches to this, but RANCID has everything I'm looking for in terms of features and I already use it, so it would be ideal if I could have it built in to that.

I see this question from 9 years ago asking the same thing and the top answer pretty much just says "build your own module" - I've had a look at the RANCID modules and I can't wrap my head around how to do that, so looking to see if in the past 9 years if anyone knows of a module that's now out there for this.

Edit: Not yet a complete solution, but I found this repository which seems to have the basics for what I'd need to be able to grab files by SCP and load them into RANCID: https://github.com/drewbeer/rancid-scp

bdx
  • 105
  • 1
  • 7
  • 1
    Not a direct answer, but a possible other suggestion: Check on ytti/oxidized, it's a RANCID replacement, but has a more active development team. – KHobbits Feb 25 '21 at 00:11

1 Answers1

0

By adapting the code found at https://github.com/drewbeer/rancid-scp, I've got a working solution in place now, requiring the following:

SCP option

  1. Create script to retrieve and store config via SCP. This script must be given the execute permissions.

$RANCID_HOME/bin/rancid-scp

!/bin/sh

# Copy a devices configuration via SCP and store it with rancid. should work on anything
#
# Writted by David Schweikert, 2016-11-03
# rewritten by DrewBeer to make it generic and work with any username, and config
# Modified by serverfault.com/users/121718/bdx, 2021-04-05 to make it work with SSH keys instead of password auth
# Downloaded from https://github.com/drewbeer/rancid-scp
#
# License: same as rancid version 3 (BSD-style)
#
# Note: for this to work you need to enable scp on the device in question.
# Gets username from $RANCID_HOME/.cloginrc

CONFIG_FILE=$1
ARG_HOST=$2
ARG_FILE="$ARG_HOST.new"

usage() {
  echo "usage: /usr/local/libexec/rancid/rancid-scp remote_file_path hostname" 2>&1
  exit 1
}

get_user() {
  USER=`grep $1 $HOME/.cloginrc|grep user|sed 's/\s\+/ /g'|cut -d' ' -f4`
}

if [ -z "$ARG_HOST" ]; then
  usage
fi
if [ -z "$CONFIG_FILE" ]; then
  usage
fi

get_user $ARG_HOST

expect -c "  
  set timeout 10
  spawn scp $USER@$ARG_HOST:$CONFIG_FILE $ARG_FILE
  expect eof
"
  1. Append a line to rancid.types to reference the script with the path of the file you want to extract from the target device(s) of this type.

$RANCID_HOME/etc/rancid.types.conf

myservertype;script;rancid-scp /path/to/my/server.conf
  1. Append entries to your device database to reference the new type

$RANCID_HOME/var/devices/servers.db

192.168.1.10;myservertype;up
192.168.1.11;myservertype;up

HTTP API option

The same principles in steps 2 and 3 from the SCP option applies, I've just created this script to grab config from a specific device's HTTP API as well, here as a bonus:

$RANCID_HOME/bin/an-http-config

#!/bin/sh

ARG_HOST=$1
ARG_FILE="$ARG_HOST.new"

usage() {
  echo "usage: /usr/local/libexec/rancid/an-http-config hostname" 2>&1
  exit 1
}

if [ -z "$ARG_HOST" ]; then
  usage
fi

expect -c "  
  set timeout 10
  spawn wget -O $ARG_FILE --http-user=rancid --http-password=abcd1234  https://$ARG_HOST/api/config/get
  expect eof
"
bdx
  • 105
  • 1
  • 7