Descriptrion
Oxidized is a network device configuration backup tool. It’s a RANCID replacement!
Light and extensible, Oxidized supports over 130 operating system types.
Feature highlights:
- Automatically adds/removes threads to meet configured retrieval interval
- Restful API to a move node immediately to head-of-queue (GET/POST /node/next/[NODE])
- Syslog udp+file example to catch config change events (IOS/JunOS) and trigger a config fetch
- Will signal which IOS/JunOS user made the change, can then be used by output modules (via POST)
- The
gitoutput module uses this info – ‘git blame’ will show who changed each line, and when
- Restful API to reload list of nodes (GET /reload)
- Restful API to fetch configurations (/node/fetch/[NODE] or /node/fetch/group/[NODE])
- Restful API to show list of nodes (GET /nodes)
- Restful API to show list of version for a node (/node/version[NODE]) and diffs
Installations Scripts
Oxidized
https://github.com/hermanwjacobsen/scripts/blob/master/oxidized-installation.sh
Oxidized with mysql
https://github.com/hermanwjacobsen/scripts/blob/master/oxidized-mysql-installation.sh
These scripts are made for lab enviorement, and you should look through it before installing this, and defently go through security if used in production
Configuration Files
Configuration (Username/Password / device default config / Other config like Timout, logging, etc)
/opt/oxidized/.config/oxidized/config
Router/Switch Databast ( where you add your devices )
/opt/oxidized/.config/oxidized/router.db
Add authentication to oxidized ( Basic Authentication ) since this installation of oxidized is running on nginx, you can use all authentication modules ngingx supports
add this to the nginx config ( /etc/nginx/sites-enabled/oxidized )
location / {
auth_basic "Administrator’s Area";
auth_basic_user_file /etc/nginx/.oxidized-htpasswd;
proxy_pass http://127.0.0.1:8888/;
}
Create ht-passwd file
htpasswd -c /etc/nginx/.oxidized-htpasswd user1
restart nginx service
service nginx restart