LibreNMS && Oxidized 備份網管設備設定檔
BUBU 之前有看到節省哥分享此服務,曾經試架設過一次,但是後來失敗,最近有看到這類的文章出現,因此再次架設此套件,目前架設已成功可以正常運行,此篇我先初步寫下流程,之後再找時間驗證該流程是否正確
運行環境
環境都是在 「Proxmox VE 」 虛擬系統上架設,都是以 「 LXC 」模式為主,除非有特殊狀況會告知使用 「 VM 」 模式
- 系統環境: Debian 10
安裝或測試過程
安裝官方套件
- 安裝必要套件
apt-get install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev libicu-dev zlib1g-dev g++
- 安裝服務套件
gem install oxidized
gem install oxidized-script oxidized-web
- 設定服務使用者
adduser oxidized
- 切換使用者
su - oxidized
- 執行幾次服務指令
oxidized
LibreNMS && Oxidized 設定
- oxidized 設定檔
vim home/oxidized/.config/oxidized/config
修改前
username: username
password: password
rest: 127.0.0.1:8888
output:
default: file
file:
directory: "/root/.config/oxidized/configs"
source:
default: csv
csv:
file: "/root/.config/oxidized/router.db"
delimiter: !ruby/regexp /:/
map:
name: 0
model: 1
gpg: false
修改後
填入登入的帳號密碼
username: username
password: password
修改成 oxidized 位置
rest: 127.0.0.1:8888
修改成 git 之後再設定再傳送到 gitea 服務裡面
output:
default: git
git:
user: oxidized
email: [email protected]
repo: "/home/oxidized1/.config/oxidized/oxidized.git" 設定要存放的位置
設定跟 librenms 連線
source:
default: http
debug: false
http:
url: https://librenms/api/v0/oxidized
map:
name: hostname
model: os
group: group
headers:
X-Auth-Token: 'APIkey'
- 修改 LibreNMS 設定檔
# Oxidized configuration
$config['oxidized']['enabled'] = TRUE;
$config['oxidized']['url'] = 'http://oxidized 位置:8888';
$config['oxidized']['features']['versioning'] = true;
$config['oxidized']['group_support'] = false;
$config['oxidized']['default_group'] = 'false';
$config['oxidized']['reload_nodes'] = true;
$config['oxidized']['maps']['group']['os'][] = array('match' => 'pfsense', 'group' => 'pfsense');
$config['oxidized']['ignore_os'] = array('ping', 'linux', 'generic');
設定 oxidized 服務檔
- 設定檔位置
vim /etc/systemd/system/oxidized.service
# Put this file in /etc/systemd/system.
#
# To set OXIDIZED_HOME instead of the default,
# ~oxidized/.config/oxidized, uncomment (and modify as required) the
# "Environment" variable below so systemd sets the correct
# environment.
[Unit]
Description=Oxidized - Network Device Configuration Backup Tool
After=network-online.target multi-user.target
Wants=network-online.target
[Service]
ExecStart=/usr/local/bin/oxidized
User=oxidized
KillSignal=SIGKILL
#Environment="OXIDIZED_HOME=/etc/oxidized"
Restart=on-failure
RestartSec=300s
[Install]
WantedBy=multi-user.target
- 啟動服務
systemctl start oxidized.service && systemctl enable oxidized.service