OpenEuler部署Oxidized自动化备份网络和网络安全设备配置02

#############查看config文件路径##############
oxidized

###############修改config文件路径##############
vim /root/.config/oxidized/config


username: username #不用改,在router.db中设置
password: password #不用改,在router.db中设置
model: junos #不用改,在router.db中设置
resolve_dns: true
interval: 3600 #版本对比周期,秒,一小时一对比
log: /root/.config/oxidized/logs/oxidized.log
use_syslog: false
debug: false
threads: 30
use_max_threads: false
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 192.168.77.204:8888 #web地址
next_adds_job: false
vars: {}
groups: {}
group_map: {}
models: {}
pid: "/root/.config/oxidized/pid"
crash:
  directory: "/root/.config/oxidized/crashes"
  hostnames: false
stats:
  history_size: 10
input: #连接设备模式
  default: ssh, telnet #按顺序尝试,ssh失败后回退telnet;telnet明文传输账号密码,设备都支持ssh时可只保留ssh
  debug: false
  ssh:
    secure: false #false表示不校验设备的SSH主机密钥,无法发现冒充设备的中间人;设为true时会校验主机密钥
  ftp:
    passive: true
  utf8_encoded: true

#如果Output选择git方式,则需要先yum install git -y
##############安装git,如果配置中的 output: default: git时才需要进行如下操作###################
#安装git
yum install git -y

#查看git版本
git --version

#配置git用户名,先不设置,看能不能行
#git config --global user.name "Oxidized"

#配置git邮箱,先不设置,看能不能行
#git config --global user.email "oxidized@example.com"

##################################################################################
#output: #导出配置模式 git 方式

default: git #通过git对比配置

git:

user: Oxidized #git账号,需要在系统上安装git并设置

email: oxidized@example.com #git邮箱,需要在系统上安装git并设置

repo: "/root/.config/oxidized/git-repos/default.git" #定义路径

output: #导出配置模式 file 方式
  default: file #file模式不会像git有配置版本管理
  file:
    directory: "/root/.config/oxidized/configs"

#Output 部分备注
#根据官方文档,output 有 File, GIT, GIT-Crypt 和 HTTP,其中 git 和 file 方式常见,
#默认为 file,也就是本地存储的方式,需要一个目录,默认配置路径为 ~/.config/oxidized/configs,
#如果报错提示不存在该目录,也可以和 source 部分的 tree 结果对比,确实不存在,创建该目录即可解决该问题。
#mkdir -p ~/.config/oxidized/configs
#执行oxidized命令,此时可以看到正常运行,router.db 里的节点正常加载,Ctrl+C停止服务,查看备份的配置。

source:
  default: csv
  csv:
    file: "/root/.config/oxidized/router.db" #需要备份的网络设备,信息放在这里
    delimiter: !ruby/regexp /:/
    map:
      name: 0 #设备信息按照如下定义的0、1、2、3、4、5代表的内容进行录入
      ip: 1
      model: 2
      username: 3
      password: 4
      group: 5
    gpg: false #router.db 以明文保存设备账号密码,建议 chmod 600 只允许属主读写
model_map:
  juniper: junos
  cisco: ios

#############将oxidized加入开机自启##############
[root@oxidized oxidized]# find / -name oxidized.service
/usr/local/lib/ruby/gems/3.1.0/gems/oxidized-0.26.3/extra/oxidized.service
[root@oxidized oxidized]# cp /usr/local/lib/ruby/gems/3.1.0/gems/oxidized-0.29.1/extra/oxidized.service /etc/systemd/system
[root@oxidized oxidized]# vi /etc/systemd/system/oxidized.service
#将启动用户改成root(注意:上面 find 输出的是 oxidized-0.26.3,cp 用的是 oxidized-0.29.1,复制时以本机 find 的实际输出路径为准)

# Put this file in /etc/systemd/system.
#
# To set OXIDIZED_HOME instead of the default,
# ~oxidized/.config/oxidized, uncomment (and modify as required) the
# "Environment" variable below so systemd sets the correct
# environment.

[Unit]
Description=Oxidized - Network Device Configuration Backup Tool
After=network-online.target multi-user.target
Wants=network-online.target

[Service]
ExecStart=/usr/local/bin/oxidized
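#将启动用户改成root;systemd 单元文件不支持行尾注释,说明必须单独成行,否则整行会被当作用户名
#以root运行时,备份进程和监听8888端口的Web界面都具有root权限;也可保留专用的oxidized用户并把配置放到该用户的家目录
User=root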
KillSignal=SIGKILL
#Environment="OXIDIZED_HOME=/etc/oxidized"
Restart=on-failure
RestartSec=300s

[Install]
WantedBy=multi-user.target

[root@oxidized oxidized]# systemctl enable oxidized

##############设置router.db,录入网络设备信息################
[root@oxidized oxidized]# vi router.db
#按照oxidized安装步骤中定义的0、1、2、3、4、5代表的内容进行录入,例如:
#name:ip:model:user:password:group
5F-WifiPOE:172.17.4.2:comware:admin:password:Switch
router_1:172.16.2.1:vrp:admin:password:Route

#厂商对应model:
#H3C
#comware
#锐捷FW/飞塔FW
#fortios
#华为
#vrp

#################修改oxidized时区########################
#默认是UTC,需要改成CST
#Oxidized Web Last Update 使用 UTC 时间,和 CST 时间差8个小时

#查找 oxidized.js 文件

find / -name oxidized.js
Ubuntu:/var/lib/gems/2.7.0/gems/oxidized-web-0.13.1/lib/oxidized/web/public/scripts/oxidized.js
Centos、OpenEuler、Red Hat:/usr/local/lib/ruby/gems/3.1.0/gems/oxidized-web-0.13.1/lib/oxidized/web/public/scripts/oxidized.js

vi /usr/local/lib/ruby/gems/3.1.0/gems/oxidized-web-0.13.1/lib/oxidized/web/public/scripts/oxidized.js
#改成下面这样
注释这行 //var timeZone = date.toString().match(/(.*)/)[0].match(/[A-Z]/g).join('');
注释这行 //$(this).text(year + '-' + month + '-' + day + ' ' + hour + ':' + minute + ':' + second + ' ' + timeZone);
$(this).text(year + '-' + month + '-' + day + ' ' + hour + ':' + minute + ':' + second + ' ');

#################修改Oxidized的配置文件,指定net-ssh为最新版本###########
#更新net-ssh(不带版本号会安装最新版;若要与下面的 ~> 7.2.3 约束一致,可用 gem install net-ssh -v 7.2.3 指定版本)
gem install net-ssh
find / -name oxidized.gemspec
vi /usr/local/lib/ruby/gems/3.1.0/gems/oxidized-0.29.1/oxidized.gemspec
修改
s.add_runtime_dependency 'net-ssh', '~> 7.2.3'

find / -name oxidized-0.29.1.gemspec
vi /usr/local/lib/ruby/gems/3.1.0/specifications/oxidized-0.29.1.gemspec
修改
s.add_runtime_dependency(%q<net-ssh>.freeze, ["~> 7.2.3"])

#################启动oxidized###################
[root@oxidized oxidized]# systemctl start oxidized
[root@oxidized oxidized]# systemctl status oxidized
● oxidized.service - Oxidized - Network Device Configuration Backup Tool
Loaded: loaded (/etc/systemd/system/oxidized.service; enabled; vendor preset: disabled)
Active: active (running) since Wed 2024-04-10 15:34:01 CST; 5s ago
Main PID: 26643 (oxidized)
Tasks: 8 (limit: 8922)
Memory: 36.8M
CGroup: /system.slice/oxidized.service
└─ 26643 “puma 3.11.4 (tcp://192.168.77.204:8888) [/]”

4月 10 15:34:01 localhost.localdomain systemd[1]: Started Oxidized - Network Device Configuration Backup Tool.
4月 10 15:34:01 localhost.localdomain oxidized[26643]: I, [2024-04-10T15:34:01.314536 #26643] INFO – : Oxidized starting, running as pid 26643
4月 10 15:34:01 localhost.localdomain oxidized[26643]: I, [2024-04-10T15:34:01.314919 #26643] INFO – : lib/oxidized/nodes.rb: Loading nodes
4月 10 15:34:01 localhost.localdomain oxidized[26643]: I, [2024-04-10T15:34:01.401029 #26643] INFO – : lib/oxidized/nodes.rb: Loaded 1 nodes
4月 10 15:34:01 localhost.localdomain oxidized[26643]: Puma starting in single mode…
4月 10 15:34:01 localhost.localdomain oxidized[26643]: * Version 3.11.4 (ruby 3.1.4-p223), codename: Love Song
4月 10 15:34:01 localhost.localdomain oxidized[26643]: * Min threads: 0, max threads: 16
4月 10 15:34:01 localhost.localdomain oxidized[26643]: * Environment: development
4月 10 15:34:01 localhost.localdomain oxidized[26643]: * Listening on tcp://192.168.77.204:8888

[root@oxidized oxidized]# netstat -lntup
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 890/sshd
tcp 0 0 0.0.0.0:8888 0.0.0.0:* LISTEN 7354/puma 3.11.4 (t

################访问oxidized##################
#配置防火墙只允许管理网段访问oxidized服务器的8888端口。
#rich rule只是新增放行,需确认public区域没有另外对所有来源开放8888(可用 firewall-cmd --zone=public --list-all 检查)。
firewall-cmd --permanent --zone=public --add-rich-rule='rule family="ipv4" source address="192.168.77.0/24" port protocol="tcp" port="8888" accept'
firewall-cmd --reload

#网络设备的配置备份文件保存在
/root/.config/oxidized/configs

#通过http访问(oxidized-web 没有内置登录认证,页面上可直接查看设备配置,且为明文HTTP,访问范围依赖上面的防火墙规则)
http://192.168.77.204:8888