ipng/router-backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Move to yaml.v3 and mergo. Refactor config parsing into a package. Refactor SSH connections into a package. Create default YAML directory, and update docs

Browse Source
This commit is contained in:
Pim van Pelt
2025-07-06 17:11:22 +02:00
parent 75646856aa
commit 769d9eb6cd
11 changed files with 441 additions and 490 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
docs/DETAILS.md
View File

@ -8,7 +8,7 @@ IPng Networks Router Backup is a SSH-based network device configuration backup t
- **Multi-device support**: Backup multiple routers in a single run
- **Device type templates**: Define command sets per device type
- **Configuration includes**: Split large configurations with `!include` directives
- **Configuration includes**: Split large configurations into many files and merge them at runtime
- **Flexible authentication**: SSH agent, key files, or password authentication
- **Selective execution**: Target specific devices with `--host` flags
- **Automatic file organization**: Output files named by hostname
@ -17,14 +17,13 @@ IPng Networks Router Backup is a SSH-based network device configuration backup t
## Configuration File Format
The tool uses a YAML configuration file with two main sections: `types` and `devices`. The configuration supports `!include` directives for organizing large configurations across multiple files.
The tool uses a YAML configuration file with two main sections: `types` and `devices`. The
configuration reading multiple files with the `--yaml` flag, merging their contents along the way.
### Complete Example
**Main configuration** (`config.yaml`):
```yaml
!include device-types.yaml
devices:
asw100:
user: admin
@ -45,7 +44,7 @@ devices:
- show ip route summary
```
**Device types file** (`device-types.yaml`):
**Device types file** (`00-device-types.yaml`):
```yaml
types:
srlinux:
@ -155,7 +154,7 @@ devices:
### Required Flags
- **`--config`**: Path to YAML configuration file
- **`--yaml`**: Path to YAML configuration file(s)
### Optional Flags
@ -171,25 +170,25 @@ devices:
```bash
# Basic usage - all devices
ipng-router-backup --config /etc/ipng-router-backup/config.yaml
ipng-router-backup --yaml /etc/ipng-router-backup/*.yaml
# Custom output directory
ipng-router-backup --config config.yaml --output-dir /backup/network
ipng-router-backup --yaml *.yaml --output-dir /backup/network
# Specific devices only
ipng-router-backup --config config.yaml --host asw100 --host core-01
ipng-router-backup --yaml *.yaml --host asw100 --host core-01
# Multiple specific devices
ipng-router-backup --config config.yaml --host asw100 --host asw120 --host core-01
ipng-router-backup --yaml *.yaml --host asw100 --host asw120 --host core-01
# Custom SSH port
ipng-router-backup --config config.yaml --port 2222
ipng-router-backup --yaml *.yaml --port 2222
# Using password authentication
ipng-router-backup --config config.yaml --password mypassword
ipng-router-backup --yaml *.yaml --password mypassword
# Using specific SSH key
ipng-router-backup --config config.yaml --key-file ~/.ssh/network_key
ipng-router-backup --yaml *.yaml --key-file ~/.ssh/network_key
```
## SSH Authentication Methods
@ -206,7 +205,7 @@ eval "$(ssh-agent -s)"
ssh-add ~/.ssh/id_rsa
# Run backup (will use SSH agent automatically)
ipng-router-backup --config config.yaml
ipng-router-backup --yaml *.yaml
```
**Advantages:**
@ -221,7 +220,7 @@ Specify a private key file with `--key-file` or use default locations.
```bash
# Explicit key file
ipng-router-backup --config config.yaml --key-file ~/.ssh/network_key
ipng-router-backup --yaml *.yaml --key-file ~/.ssh/network_key
# Tool automatically checks these default locations:
# ~/.ssh/id_rsa
@ -240,10 +239,10 @@ Use `--password` flag for password-based authentication.
```bash
# Command line password (not recommended for scripts)
ipng-router-backup --config config.yaml --password mypassword
ipng-router-backup --yaml *.yaml --password mypassword
# Interactive password prompt (when no other auth available)
ipng-router-backup --config config.yaml
ipng-router-backup --yaml *.yaml
# Output: "No SSH key found. Enter SSH password: "
```
@ -290,7 +289,7 @@ Software Version : v25.3.2
### Basic Backup All Devices
```bash
ipng-router-backup --config /etc/backup/network.yaml --output-dir /backup/$(date +%Y%m%d)
ipng-router-backup --yaml /etc/backup/*.yaml --output-dir /backup/$(date +%Y%m%d)
```
### Backup Specific Device Types
@ -299,7 +298,7 @@ Create a config with only the devices you want, or use `--host`:
```bash
# Backup only SR Linux devices
ipng-router-backup --config network.yaml --host asw100 --host asw120 --host asw121
ipng-router-backup --yaml network.yaml --host asw100 --host asw120 --host asw121
```
### Scheduled Backup with SSH Agent
@ -317,7 +316,7 @@ BACKUP_DIR="/backup/network/$(date +%Y%m%d)"
mkdir -p "$BACKUP_DIR"
ipng-router-backup \
--config /etc/ipng-router-backup/config.yaml \
--yaml /etc/ipng-router-backup/*.yaml \
--output-dir "$BACKUP_DIR"
# Kill SSH agent
@ -329,7 +328,7 @@ ssh-agent -k
```bash
# Quick backup of single device with password
ipng-router-backup \
--config emergency.yaml \
--yaml emergency.yaml \
--host core-router-01 \
--password emergency123 \
--output-dir /tmp/emergency-backup
@ -420,7 +419,7 @@ BACKUP_DIR="/backup/network-configs"
cd "$BACKUP_DIR"
# Run backup
ipng-router-backup --config config.yaml --output-dir .
ipng-router-backup --yaml config.yaml --output-dir .
# Commit changes
git add .
@ -459,11 +458,11 @@ devices:
#!/bin/bash
# Backup with monitoring
if ipng-router-backup --config config.yaml --output-dir /backup; then
if ipng-router-backup --yaml config.yaml --output-dir /backup; then
echo "Backup completed successfully" | logger
else
echo "Backup failed!" | logger
# Send alert email
echo "Network backup failed at $(date)" | mail -s "Backup Alert" admin@company.com
fi
```
```

98
docs/config.yaml.example
View File

@ -1,98 +0,0 @@
# IPng Networks Router Backup Configuration Example
# Copyright 2025, IPng Networks GmbH, Pim van Pelt <pim@ipng.ch>
#
# This file demonstrates how to configure the ipng-router-backup tool.
# Copy this file to a location of your choice and modify for your environment.
#
# Usage: ipng-router-backup --config /path/to/your/config.yaml
#
# YAML !include Support:
# You can split large configurations into multiple files using !include directives.
# Examples:
# !include device-types.yaml
# !include devices/production.yaml
# !include "devices/lab environment.yaml" # Use quotes for paths with spaces
# Include device types from separate file
!include device-types.yaml
# Devices Section
# Define individual network devices to backup
devices:
# Core switches (SR Linux)
asw100:
user: admin # SSH username
type: srlinux # Reference to type above
asw120:
user: netops # Different user per device if needed
type: srlinux
asw121:
user: admin
type: srlinux
# Distribution switches (Centec)
csw150:
user: admin
type: centec
csw151:
user: admin
type: centec
# Edge routers (Arista EOS)
edge-01:
user: automation
type: eos
edge-02:
user: automation
type: eos
# Special case: Device with custom commands (overrides type)
legacy-router:
user: admin
commands:
- show version
- show running-config
- show ip route summary
# Custom commands specific to this device only
# Example using IP address instead of hostname
192.168.1.100:
user: operator
type: cisco-ios
# Configuration Tips:
#
# 1. Authentication Priority (automatic):
# - SSH Agent (if SSH_AUTH_SOCK environment variable is set)
# - SSH Key file (--key-file flag or default locations)
# - Password (--password flag or interactive prompt)
#
# 2. Running the backup:
# # Backup all devices
# ipng-router-backup --config /etc/ipng-router-backup/config.yaml
#
# # Backup specific devices only
# ipng-router-backup --config config.yaml --host asw100 --host edge-01
#
# # Custom output directory
# ipng-router-backup --config config.yaml --output-dir /backup/$(date +%Y%m%d)
#
# 3. Output files:
# - Named after device hostname (e.g., 'asw100', 'edge-01')
# - Each command output prefixed with "## COMMAND: <command>"
# - Files are recreated on each run (not appended)
#
# 4. Security considerations:
# - Use SSH keys instead of passwords when possible
# - Consider using SSH agent for additional security
# - Restrict SSH access to backup user accounts
# - Store configuration files with appropriate permissions (640 recommended)
#
# 5. Error handling:
# - If a device is unreachable, the tool continues with other devices
# - Check tool output for connection or authentication failures
# - Use --host flag to test individual devices

42
docs/device-types.yaml
View File

@ -1,42 +0,0 @@
types:
# Nokia SR Linux devices
srlinux:
commands:
- show version # System version and build info
- show platform linecard # Line card information
- show platform fan-tray # Fan status and health
- show platform power-supply # Power supply status
- info flat from running # Full running configuration
# Arista EOS devices
eos:
commands:
- show version # System version information
- show inventory # Hardware inventory
- show env power # Power supply status
- show running-config # Complete running configuration
# Centec switches
centec:
commands:
- show version | exc uptime # Version info without uptime line
- show boot images # Boot image information
- show transceiver # SFP/transceiver status
- show running-config # Running configuration
# Cisco IOS/IOS-XE devices
cisco-ios:
commands:
- show version # IOS version and hardware info
- show inventory # Hardware inventory details
- show running-config # Complete configuration
- show ip interface brief # Interface IP summary
- show cdp neighbors # CDP neighbor information
# Juniper devices
junos:
commands:
- show version # Software and hardware version
- show chassis hardware # Chassis hardware details
- show configuration | display set # Configuration in set format
- show interfaces terse # Interface status summary

17
docs/router_backup.1
View File

@ -3,7 +3,7 @@
ipng-router-backup \- SSH Router Backup Tool
.SH SYNOPSIS
.B ipng-router-backup
.RI --config " CONFIG_FILE"
.RI --yaml " CONFIG_FILE(S)"
.RI [ --output-dir " DIRECTORY" ]
.RI [ --password " PASSWORD" ]
.RI [ --key-file " KEYFILE" ]
@ -11,13 +11,14 @@ ipng-router-backup \- SSH Router Backup Tool
.RI [ --host " HOSTNAME" ]...
.SH DESCRIPTION
.B router_backup
is a tool for backing up router configurations via SSH. It connects to multiple routers defined in a YAML configuration file and executes commands, saving the output to files.
is a tool for backing up router configurations via SSH. It connects to multiple routers defined in a
set of YAML configuration file(s) and executes commands, saving the output to files.
.PP
The tool supports multiple device types with predefined command sets, SSH agent authentication, and automatic file organization.
.SH OPTIONS
.TP
.BR --config " \fICONFIG_FILE\fR"
YAML configuration file path (required)
.BR --yaml " \fICONFIG_FILE\fR"
YAML configuration file(s) (required)
.TP
.BR --output-dir " \fIDIRECTORY\fR"
Output directory for command output files (default: /tmp)
@ -73,22 +74,22 @@ For each device, a text file named after the hostname is created in the specifie
.TP
Basic usage:
.EX
ipng-router-backup --config /etc/ipng-router-backup/config.yaml
ipng-router-backup --yaml /etc/ipng-router-backup/*.yaml
.EE
.TP
Custom output directory:
.EX
ipng-router-backup --config config.yaml --output-dir /home/user/backups
ipng-router-backup --yaml config.yaml --output-dir /home/user/backups
.EE
.TP
Using password authentication:
.EX
ipng-router-backup --config config.yaml --password mysecretpass
ipng-router-backup --yaml config.yaml --password mysecretpass
.EE
.TP
Process specific hosts only:
.EX
ipng-router-backup --config config.yaml --host asw100 --host asw120
ipng-router-backup --yaml config.yaml --host asw100 --host asw120
.EE
.SH FILES
.TP