Last Updated: 2024/08/12
I'm installing on Debian 12, which has Ruby3 in its default repository.
1. Install dependencies
apt install ruby ruby-dev libsqlite3-dev libssl-dev pkg-config cmake libssh2-1-dev libicu-dev zlib1g-dev g++ git2. Install the gems
gem install oxidized
gem install oxidized-script oxidized-web # If you don't install oxidized-web, ensure "rest" is removed from your Oxidized config.3. Add oxidized user (don't run oxidized as root)
adduser oxidized --disabled-password5. Create a systemd config for Oxidized
bash -c "cat > /etc/systemd/system/oxidized.service" <<'EOF'
# To set OXIDIZED_HOME instead of the default,
# ~oxidized/.config/oxidized, uncomment (and modify as required) the
# "Environment" variable below so systemd sets the correct
# environment.
[Unit]
Description=Oxidized - Network Device Configuration Backup Tool
After=network-online.target multi-user.target
Wants=network-online.target
[Service]
ExecStart=/usr/local/bin/oxidized
User=oxidized
KillSignal=SIGKILL
Environment="OXIDIZED_HOME=/home/oxidized"
Restart=on-failure
RestartSec=30s
[Install]
WantedBy=multi-user.target
EOF6. Reload systemctl, Enable and Start Oxidized
systemctl daemon-reload
systemctl enable --now oxidized.service7. Oxidized should crash because we haven't yet configured the input and output options in . I will be using Git as an output. Modify the output: section of /home/oxidized/config
output:
default: git
git:
user: Oxidized
email: oxidized@oxidized.oxidized
repo: "/home/oxidized/oxidized.git"To configure the source:, choose one of the two methods below: Using a CVS backend or LibreNMS API
1. Modify the source: section of /home/oxidized/config
source:
default: csv
csv:
file: /home/oxidized/router.db
delimiter: !ruby/regexp /:/
map:
name: 0
model: 1
username: 2
password: 3
vars_map:
enable: 42. Create the router.db file and specify at least one host to backup. (Oxidized will continue to crash if no hosts are listed) (Follow the order of the map: in the source:. Ex: host:model:username … etc. The host must be defined. The other items such as the username and password, which are defined at the beginning of the config file as the defaults for all devices, are optional.)
vim /home/oxidized/router.db
access-switch-1.example.com:cisco---
username: oxidized
password: *************************
resolve_dns: true
interval: 7200
log: /home/oxidized/oxidized/main.log
use_syslog: false
debug: true
threads: 30
use_max_threads: true
timeout: 20
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 0.0.0.0:8888
next_adds_job: false
vars:
ios_rbac: true
remove_secrets: true
groups: {}
models: {}
pid: "/home/oxidized/.config/oxidized/pid"
crash:
directory: "/home/oxidized/oxidized/crashes"
hostnames: true
stats:
history_size: 10
input:
default: ssh
debug: false
ssh:
secure: true
ftp:
passive: true
utf8_encoded: true
output:
default: git
git:
user: oxidized
email: oxidized@oxidized.local
repo: "/var/lib/oxidized/devices.git"
file:
directory: "/home/oxidized/oxidized/configs"
source:
default: csv
csv:
file: /home/oxidized/oxidized/router.db
delimiter: !ruby/regexp /:/
map:
name: 0
model: 1
username: 2
password: 3
vars_map:
enable: 4