transfer from github
This commit is contained in:
parent
e1f0cffe76
commit
2165da2bfd
303
python/backup2git.py
Normal file
303
python/backup2git.py
Normal file
@ -0,0 +1,303 @@
|
||||
#!/usr/bin/python3
|
||||
import pynetbox
|
||||
import requests
|
||||
import urllib3
|
||||
import pexpect
|
||||
import sys
|
||||
import json
|
||||
import gitlab
|
||||
from datetime import date
|
||||
today = str(date.today())
|
||||
|
||||
###############################################################################
|
||||
#
|
||||
# Set global variables
|
||||
#
|
||||
###############################################################################
|
||||
# Netbox URL and Token
|
||||
netbox_url = "https://HOST_OR_IP"
|
||||
netbox_token = "TOKEN"
|
||||
# Gitlab URL and Token
|
||||
gitlab_url = "https://HOST_OR_IP"
|
||||
gitlab_token = "TOKEN"
|
||||
# SCP User, Password and Host (SCP host can be same like Netbox host)
|
||||
scp_user = "USERNAME"
|
||||
scp_pass = "PASSWORD"
|
||||
scp_host = "HOST_OR_IP"
|
||||
# Set User, Password and Enable to connect with SSH to devices
|
||||
backup_user = "USERNAME"
|
||||
backup_pass = "PASSWORD"
|
||||
backup_enable = "ENABLE_PASSWORD"
|
||||
# Set Gitlab project ID
|
||||
project_id = PROJECT_ID
|
||||
|
||||
|
||||
###############################################################################
|
||||
def getDevicesFromNetbox():
|
||||
urllib3.disable_warnings()
|
||||
requests.packages.urllib3.disable_warnings()
|
||||
netbox = pynetbox.api(
|
||||
url = netbox_url,
|
||||
token = netbox_token,
|
||||
threading = True
|
||||
)
|
||||
netbox.http_session.verify = False
|
||||
|
||||
# init empty device array
|
||||
devices_netbox = []
|
||||
|
||||
#
|
||||
# Build a list with Core-Switches
|
||||
# Note: The filtering by role depends on the roles defined in netbox
|
||||
#
|
||||
# the list needs at minimum the following information:
|
||||
# device / site / hostname / status / ipv4 address
|
||||
# device: used to determine the device and what CLI commands are required to start a backup
|
||||
# site: used to build a directory structure in gitlab project
|
||||
# hostname: the hostname of the device to build .cfg
|
||||
# status: to determine if device can be backed up or is out of it
|
||||
# ipv4: IP address to connect to the device
|
||||
|
||||
core_switch = netbox.dcim.devices.filter(role='net-core-switch')
|
||||
for i in range(0, len(core_switch)):
|
||||
data = netbox.dcim.devices.get(name = core_switch[i])
|
||||
hostname = str(data).split(":")
|
||||
hostname = hostname[0]
|
||||
device_details = ["switch", str(data.site), hostname, str(data.primary_ip), str(data.status)]
|
||||
devices_netbox.append(device_details)
|
||||
|
||||
access_switch = netbox.dcim.devices.filter(role='net-access-switch')
|
||||
for i in range(0, len(access_switch)):
|
||||
data = netbox.dcim.devices.get(name = access_switch[i])
|
||||
hostname = str(data).split(":")
|
||||
hostname = hostname[0]
|
||||
device_details = ["switch", str(data.site), hostname, str(data.primary_ip), str(data.status)]
|
||||
devices_netbox.append(device_details)
|
||||
|
||||
wifi_controller = netbox.dcim.devices.filter(role='net-wireless-lan-controller')
|
||||
for i in range(0, len(wifi_controller)):
|
||||
data = netbox.dcim.devices.get(name = wifi_controller[i])
|
||||
hostname = str(data).split(":")
|
||||
hostname = hostname[0]
|
||||
device_details = ["wificontroller", str(data.site), hostname, str(data.primary_ip), str(data.status)]
|
||||
devices_netbox.append(device_details)
|
||||
|
||||
wan_firewall = netbox.dcim.devices.filter(role='net-wan-firewall')
|
||||
for i in range(0, len(wan_firewall)):
|
||||
data = netbox.dcim.devices.get(name = wan_firewall[i])
|
||||
hostname = str(data).split(":")
|
||||
hostname = hostname[0]
|
||||
device_details = ["wanfirewall", str(data.site), hostname, str(data.primary_ip), str(data.status)]
|
||||
devices_netbox.append(device_details)
|
||||
|
||||
return devices_netbox
|
||||
|
||||
###############################################################################
|
||||
def cliCiscoSwitch():
|
||||
try:
|
||||
print ("INFO: Connecting to device: " + hostname + " with IP: " + ipv4)
|
||||
sshconn = pexpect.spawn('ssh %s@%s' % (backup_user, ipv4))
|
||||
#sshconn.logfile = sys.stdout.buffer
|
||||
sshconn.timeout = 30
|
||||
|
||||
sshconn.expect('.*assword:.*')
|
||||
sshconn.sendline(backup_pass)
|
||||
sshconn.expect('#')
|
||||
sshconn.sendline('term len 0')
|
||||
sshconn.expect('#')
|
||||
|
||||
print ('INFO: Set exec banner')
|
||||
sshconn.sendline('conf t')
|
||||
sshconn.expect('#')
|
||||
sshconn.sendline('file prompt quiet')
|
||||
sshconn.expect('#')
|
||||
sshconn.sendline('banner exec ^')
|
||||
sshconn.sendline(today + ' - Config saved by backup2git')
|
||||
sshconn.sendline('^')
|
||||
sshconn.expect('#')
|
||||
sshconn.sendline('exit')
|
||||
|
||||
print ('INFO: Executing write memory command')
|
||||
sshconn.sendline('wr mem')
|
||||
sshconn.expect('.*OK.*')
|
||||
|
||||
print ('INFO: Executing copy run scp command')
|
||||
sshconn.sendline('copy run scp://' + scp_user + ':' + scp_pass + '@' + scp_host + '//tmp/' + hostname + '.cfg')
|
||||
sshconn.expect('.*copied.*')
|
||||
|
||||
print ('INFO: Log out from device: ' + hostname + " with ip: " + ipv4)
|
||||
sshconn.sendline('logout')
|
||||
|
||||
except pexpect.TIMEOUT:
|
||||
print ("ERROR: No login to device: " + hostname + " with ip: " + ipv4)
|
||||
pass
|
||||
|
||||
###############################################################################
|
||||
def cliCiscoWirelessController():
|
||||
try:
|
||||
print ("INFO: Connecting to device: " + hostname + " with IP: " + ipv4)
|
||||
sshconn = pexpect.spawn('ssh %s@%s' % (backup_user, ipv4))
|
||||
#sshconn.logfile = sys.stdout.buffer
|
||||
sshconn.timeout = 30
|
||||
|
||||
sshconn.expect('.*ser:.*')
|
||||
sshconn.sendline(backup_user)
|
||||
sshconn.expect('.*assword:.*')
|
||||
sshconn.sendline(backup_pass)
|
||||
sshconn.expect('>')
|
||||
print ('INFO: Executing save config command')
|
||||
sshconn.sendline('save config')
|
||||
sshconn.expect('(y/n)')
|
||||
sshconn.sendline('y')
|
||||
|
||||
print ('INFO: set transfer parameters')
|
||||
sshconn.sendline('transfer upload datatype config')
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload mode sftp')
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload serverip ' + scp_host)
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload filename ' + hostname + ".cfg")
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload path /tmp/')
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload username ' + scp_user)
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('transfer upload password ' + scp_pass)
|
||||
sshconn.expect('>')
|
||||
|
||||
print ('INFO: Executing transfer upload start command')
|
||||
sshconn.sendline('transfer upload start')
|
||||
sshconn.expect('(y/N)')
|
||||
sshconn.sendline('y')
|
||||
sshconn.expect('successfully.')
|
||||
|
||||
print ('INFO: Log out from device: ' + hostname + " with ip: " + ipv4)
|
||||
sshconn.sendline('logout')
|
||||
|
||||
except pexpect.TIMEOUT:
|
||||
print ("ERROR: No login to device: " + hostname + " with ip: " + ipv4)
|
||||
pass
|
||||
|
||||
###############################################################################
|
||||
def cliCiscoAsaFirewall():
|
||||
try:
|
||||
print ("INFO: Connecting to device: " + hostname + " with IP: " + ipv4)
|
||||
sshconn = pexpect.spawn('ssh %s@%s' % (backup_user, ipv4))
|
||||
#sshconn.logfile = sys.stdout.buffer
|
||||
sshconn.timeout = 30
|
||||
|
||||
sshconn.expect('.*assword:.*')
|
||||
sshconn.sendline(backup_pass)
|
||||
sshconn.expect('>')
|
||||
sshconn.sendline('enable')
|
||||
sshconn.expect('.*assword:.*')
|
||||
sshconn.sendline(backup_pass)
|
||||
|
||||
print ('INFO: Executing write memory command')
|
||||
sshconn.sendline('wr mem')
|
||||
sshconn.expect('.*OK.*')
|
||||
|
||||
print ('INFO: Executing copy run scp command')
|
||||
sshconn.sendline('copy run scp://' + scp_user + ':' + scp_pass + '@' + scp_host + '//tmp/' + hostname + '.cfg')
|
||||
sshconn.expect('.*ource')
|
||||
sshconn.sendline()
|
||||
sshconn.expect('.*ddress')
|
||||
sshconn.sendline()
|
||||
sshconn.expect('.*sername')
|
||||
sshconn.sendline()
|
||||
sshconn.expect('.*ilename')
|
||||
sshconn.sendline()
|
||||
sshconn.expect('continue connecting')
|
||||
sshconn.sendline('yes')
|
||||
sshconn.expect('copied')
|
||||
sshconn.sendline('logout')
|
||||
|
||||
print ('INFO: Log out from device: ' + hostname + " with ip: " + ipv4)
|
||||
sshconn.sendline('logout')
|
||||
|
||||
except pexpect.TIMEOUT:
|
||||
print ("ERROR: No login to device: " + hostname + " with ip: " + ipv4)
|
||||
pass
|
||||
|
||||
|
||||
###############################################################################
|
||||
# Get the devices from Netbox
|
||||
devices = getDevicesFromNetbox()
|
||||
|
||||
# Use a for-loop to go through the devices and check in the configuration files
|
||||
for i in range(0, len(devices)):
|
||||
|
||||
# Split list
|
||||
role = str(devices[i][0])
|
||||
location = str(devices[i][1])
|
||||
hostname = str(devices[i][2])
|
||||
ipv4 = str(devices[i][3])[:len(str(devices[i][3]))-3]
|
||||
status = str(devices[i][4])
|
||||
|
||||
# If device is active and has a primary IPv4 address (ssh connect action)
|
||||
if status == "Active" and ipv4 != "N":
|
||||
|
||||
# role is a switch
|
||||
if role == "switch":
|
||||
cliCiscoSwitch()
|
||||
# role is a wlc
|
||||
elif role == "wificontroller":
|
||||
cliCiscoWirelessController()
|
||||
# role is a firewall
|
||||
elif role == "wanfirewall":
|
||||
cliCiscoAsaFirewall()
|
||||
|
||||
# handle list from netbox if device is missing ipv4 or if
|
||||
# device status is set to something else than active
|
||||
else:
|
||||
print ("WARN: device not set to active or IP missing")
|
||||
|
||||
# If device is active and has primary IPv4 address (open file action)
|
||||
if status == "Active" and ipv4 != "N":
|
||||
# open config file and read it into a string variable
|
||||
try:
|
||||
content = open('/tmp/' + hostname + '.cfg').read()
|
||||
except:
|
||||
print ("ERROR: Cannot open file: " + hostname + ".cfg")
|
||||
|
||||
urllib3.disable_warnings()
|
||||
requests.packages.urllib3.disable_warnings()
|
||||
gl = gitlab.Gitlab(gitlab_url, ssl_verify=False, private_token=gitlab_token)
|
||||
# authenticate
|
||||
gl.auth()
|
||||
# get gitlab project
|
||||
project = gl.projects.get(project_id)
|
||||
|
||||
# try with a commit create if file does not exist on gitlab project
|
||||
try:
|
||||
data_create = {
|
||||
'branch': 'master',
|
||||
'commit_message': 'Initial commit of config file on ' + today + ' by backup2git',
|
||||
'actions': [
|
||||
{
|
||||
'action': 'create',
|
||||
'file_path': location + '/' + hostname + '.cfg',
|
||||
'content': open('/tmp/' + hostname + '.cfg').read(),
|
||||
}
|
||||
]
|
||||
}
|
||||
except:
|
||||
print ("Cannot build commit create JSON")
|
||||
pass
|
||||
# If file exists, use commit update to check in new version of file
|
||||
try:
|
||||
data_update = {
|
||||
'branch': 'master',
|
||||
'commit_message': 'Update of config file on ' + today + ' by backup2git',
|
||||
'actions': [
|
||||
{
|
||||
'action': 'update',
|
||||
'file_path': location + '/' + hostname + '.cfg',
|
||||
'content': open('/tmp/' + hostname + '.cfg').read(),
|
||||
}
|
||||
]
|
||||
}
|
||||
except:
|
||||
print ("Cannot build commit update JSON")
|
||||
pass
|
Loading…
Reference in New Issue
Block a user