add project

boberx · Mar 21, 2018 · 546519b · 546519b
commit 546519b
Show file tree

Hide file tree

Showing 4 changed files with 229 additions and 0 deletions.
diff --git a/.gitignore b/.gitignore
@@ -0,0 +1 @@
+*.lst
diff --git a/README.md b/README.md
@@ -0,0 +1,23 @@
+# cisco-backup-git
+# Description
+This script allows network backups of Cisco switches and routers.
+It stores the configs in git repositories.
+
+# How to use
+```sh
+./cisco-backup-git.sh -f dev.lst -d ../backup/ -n 8 -c "some changes description"
+```
+
+```sh
+./cisco-backup-git.sh -f dev.lst -d ../backup/ -n "29 30" -c "back up devices with number 29 and 30 from the configuration file"
+```
+
+```sh
+./cisco-backup-git.sh -f dev.lst -d ../backup/ -c "backup all devices from the configuration file"
+```
+
+# cisco backup user example
+```
+username backup privilege 3 secret 0 PASSWORD
+privilege exec all level 3 show running-config
+```
diff --git a/cisco-backup-git.sh b/cisco-backup-git.sh
@@ -0,0 +1,198 @@
+#!/bin/bash
+
+RS=0;
+
+R1="^([0-9]{1,2})@([a-z]+)@([a-z]+)@([a-z]+)@([0-9a-zA-Z\.|]+)@([0-9a-zA-Z\.|#]+)@([0-9A-Za-z\.\-]+)@([0-9]+)$";
+
+SSHC="/usr/bin/ssh -4 -p 22 -oStrictHostKeyChecking=no -oPreferredAuthentications=password ";
+SSHC+="-oNumberOfPasswordPrompts=1 -oPubkeyAuthentication=no -oConnectTimeout=5 ";
+SSHC+="-oKexAlgorithms=+diffie-hellman-group1-sha1";
+
+# копирует файлы по симлинкам и это, похоже, никак не исправить (rsync?)
+SCPC="/usr/bin/scp -4 -r -oStrictHostKeyChecking=no -oPreferredAuthentications=password ";
+SCPC+="-oNumberOfPasswordPrompts=1 -oPubkeyAuthentication=no -oConnectTimeout=5";
+
+DEVFILE="";
+GITDIR="";
+DLST="";
+CMNT="";
+
+while getopts ":d:f:n:c:" opt; do
+	case $opt in
+		f) DEVFILE="${OPTARG}";;
+		d) GITDIR="${OPTARG}";;
+		n) DLST="${OPTARG}";;
+		c) CMNT="${OPTARG}";;
+		:) echo "Option -$OPTARG requires an argument." >&2;;
+		\?) echo "Invalid option: -$OPTARG" >&2;;
+	esac;
+done;
+
+GITDIR=`sed 's/\/$//' <<<"${GITDIR}"`;
+GITDIR=`realpath "${GITDIR}"`;
+
+if [ ! -d "${GITDIR}" ]; then
+	echo "GIT folder does not exit";
+else if [ ! -f "${DEVFILE}" ]; then
+	echo "File not found: "${DEVFILE}"";
+else
+CHANGES=0;
+git -C "${GITDIR}" pull;
+if [ ${?} -eq 0 ]; then while read L; do if [[ ${L} =~ ${R1} ]]; then
+	HNUM="${BASH_REMATCH[1]}";
+	HTYP="${BASH_REMATCH[2]}";
+	STYP="${BASH_REMATCH[3]}";
+	USER="${BASH_REMATCH[4]}";
+	PASS="${BASH_REMATCH[5]}";
+	ENBL="${BASH_REMATCH[6]}";
+	HOST="${BASH_REMATCH[7]}";
+	PORT="${BASH_REMATCH[8]}";
+
+	if [ -n "${DLST}" ]; then
+		if ! [[ " ${DLST} " =~ " ${HNUM} " ]]; then
+			continue;
+		fi;
+	fi;
+
+	FILE=""${GITDIR}"/"${HOST}".cfg";
+
+	case "${HTYP}" in
+		"linux")
+			case "${STYP}" in
+				"scp")
+					mkdir -p "${GITDIR}"/"${HOST}"/ || exit 1;
+
+					expc="set timeout 120\n";
+					expc+="log_user 0\n";
+					expc+="spawn "${SCPC}" -P "${PORT}" "${USER}"@"${HOST}":/etc/ "${GITDIR}"/"${HOST}"/\n";
+					expc+="while 1 {\n";
+					expc+="expect {\n";
+					expc+="\"*Could not resolve*\" { send_user 'Temporary\ failure\ in\ nameresolution'; exit 1 }\n";
+					expc+="\"*assword:\" { send -- ""${PASS}""\\\r\\\n }\n";
+					expc+="\"*refused*\" { send_user 'refused'; exit 1 }\n";
+					expc+="\"*not known*\" { send_user 'notknown'; exit 1 }\n";
+					expc+="timeout { send_user 'timeout'; exit 1 }\n";
+					expc+="eof { exit 0 }\n";
+					expc+="}\n";
+					expc+="}\n";
+					expc+="exit 1\n";
+					;;
+				*)
+					expc="send_user 'unknown'\nexit 1\n";
+					;;
+			esac;
+			;;
+		"cisco")
+			case "${STYP}" in
+				"ssh")
+					expc="set timeout 6\n";
+					expc+="log_user 0\n";
+					expc+="spawn "${SSHC}" "${USER}"@"${HOST}"\n";
+					expc+="while 1 {\n";
+					expc+="expect {\n";
+					expc+="\"*assword:\" { send -- \"""${PASS}""\\\r\\\n\" }\n";
+					expc+="\"*>\" { send -- \"enable\n\";\sleep 1;\n";
+					expc+="while 1 {\n";
+					expc+="expect \"*assword:\" { send -- \"""${ENBL}""\n\"; sleep 1;break }\n";
+					expc+="expect \"*denied*\" { send_user 'denied'; exit 1 }\n";
+					expc+="}\n";
+					expc+="}\n";
+					expc+="\"*#\" { send -- \"terminal length 0\\\r\\\n\"; sleep 1; break }\n";
+					expc+="\"*denied*\" { send_user 'denied'; exit 1 }\n";
+					expc+="\"*refused*\" { send_user 'refused'; exit 1 }\n";
+					expc+="\"*not known*\" { send_user 'notknown'; exit 1 }\n";
+					expc+="timeout { send_user 'timeout'; exit 1 }\n";
+					expc+="eof { send_user 'eof'; exit 1 }\n";
+					expc+="}\n";
+					expc+="}\n";
+					expc+="log_user 1\n";
+					expc+="expect \"*#\" { send -- \"show running-config view full\\\r\\\n\"; sleep 1;\n";
+					expc+="expect # { send -- \"exit\\\r\\\n\"; exit 0 }\n";
+					expc+="}\n";
+					expc+="log_user 0\n";
+					expc+="exit 1\n";
+					;;
+				"tel")
+					expc="set timeout 3\n";
+					expc+="log_user 0\n";
+					expc+="spawn telnet "${HOST}"\n";
+					expc+="while 1 {\n";
+					expc+="expect {\n";
+					expc+="\"*sername:\" { send -- ""${USER}""\\\r }\n";
+					expc+="\"*assword:\" { send -- ""${PASS}""\\\r }\n";
+					expc+="\"*denied*\" { send_user 'denied'; exit 1 }\n";
+					expc+="\"*failed*\" { send_user 'denied'; exit 1 }\n";
+					expc+="\"*refused*\" { send_user 'refused'; exit 1 }\n";
+					expc+="\"*not known*\" { send_user 'notknown'; exit 1 }\n";
+					expc+="\"*>\" { send_user 'permission'; exit 1 }\n";
+					expc+="\"*#\" { send -- \"terminal length 0\\\r\"; break }\n";
+					expc+="timeout { send_user 'timeout'; exit 1 }\n";
+					expc+="}\n";
+					expc+="}\n";
+					expc+="log_user 1\n";
+					expc+="expect \"*#\" { send -- \"show running-config view full\\\r\" }\n";
+					expc+="expect \"*nvalid input*\" { send -- \"show running-config\\\r\" }\n";
+					expc+="expect # { send -- \"exit\\\r\"; exit 0 }\n";
+					expc+="log_user 0\n";
+					expc+="exit 1\n";
+					;;
+				*)
+					expc="send_user 'unknown'\nexit 1\n";
+					;;
+			esac;
+			;;
+		*)
+			expc="send_user 'unknown'\nexit 1\n";
+			;;
+	esac;
+
+	size=0;
+	outex=$(echo -e "${expc}" | /usr/bin/expect -nN -f -);
+
+	if [ ${?} -eq 0 ]; then
+		case "${HTYP}" in
+			"linux")
+				case "${STYP}" in
+					"scp")
+						size=$(du -bs "${GITDIR}"/"${HOST}" | cut -f 1);
+						if [ ${size} -ge 5000 ]; then
+							echo "OK: "${HOST}"";
+							git -C "${GITDIR}" add "${HOST}";
+							CHANGES=1;
+						else
+							echo "ERROR: "${HOST}" status: size: "${size}"";
+							RS=1;
+						fi;
+						;;
+				esac;
+				;;
+			*)
+				echo  "${outex}" | sed -n '/!/,/^end/p' | egrep -v "ntp clock-period" > "${FILE}";
+				size=$(wc -c <"${FILE}");
+				if [ ${size} -ge 3100 ]; then
+					echo "OK: "${HOST}"";
+					git -C "${GITDIR}" add "${FILE}";
+					CHANGES=1;
+				else
+					echo "ERROR: "${HOST}" status: size: "${size}"";
+					RS=1;
+				fi;
+				;;
+		esac;
+	else
+		echo "ERROR: "${HOST}" status: "${outex}"";
+		RS=1;
+	fi;
+else
+	echo "ERROR: Wrong device's string: "${L}""
+	RS=1;
+fi;
+done < <(egrep -v "^( +)?#.*$|^$" "${DEVFILE}" | sort -u);
+if [ ${CHANGES} -eq 1 ]; then
+	git -C "${GITDIR}" commit -m "$(hostname).$(dnsdomainname) $(date +%Y-%m-%d_%H.%M.%S) ${CMNT}" && git -C "${GITDIR}" push;
+fi;
+fi;
+fi;
+fi;
+
+exit ${RS};
diff --git a/lst.example b/lst.example
@@ -0,0 +1,7 @@
+# NUMBER@DEVICE_TYPE@CONNECTION_PROTOCOL@DEVICE_USER@USER_PASSWORD@ENABLE_PASSWORD@DEVICE_ADDRESS@DEVICE_PORT
+1@cisco@ssh@USER@PASSWORD@[email protected]@22
+2@cisco@ssh@USER@PASSWORD@ENABLEPASS@router1@22
+3@cisco@ssh@USER@PASSWORD@ENABLEPASS@router2@22
+4@cisco@ssh@USER@PASSWORD@[email protected]@22
+5@cisco@tel@USER@PASSWORD@none@switch2@23
+6@cisco@tel@USER@@PASSWORD@[email protected]@23