Hi :)
Is it possible to create automatic occured backup of OpnSense configuration to SCP/SFTP server?
Currently, there is only automated backup onto Google Drive, which is not best way in my opinion ;)
Solution can be triggered from OpnSense itself (even from internal crontab), but also from external server by downloading configuration XML using some fancy script ;)
Can I use for this an API key generated for special user? How?
Thx for any hint how to do this.
Best regards!
Hi Martinezio,
The easiest option in your case is probably to create your own backup script using ssh public key authentication and copy /conf/config.xml (and optional rrd files) to your remote server.
When your script is functional, you can register the backup command to configd by creating a file like this:
/usr/local/opnsense/service/conf/actions.d/actions_myactions.conf
Containing something like:
[backup]
command:/usr/local/opnsense/scripts/myscripts/backup.sh
parameters:
type:script
message:perform backup
description: perform my backup
Mind the description tag, you need it to see your command in the cron setup, which is available at:
https://192.168.1.1/ui/cron/ (https://192.168.1.1/ui/cron/)
Then restart configd:
service configd restart
If you want to test your setup manually (using the file and tag name from this example), you can execute the following:
configctl myactions backup
Best regards,
Ad
Wow, thx for this :)
I will test it and leave a note if it works for me :)
Best regards.
Ok, my script itself works perfectly, but I can't do the cron magic. I don't have such url: 192.168.x.x/ui/cron available - when I enter this manualy, I land on system status page.
I've used a standard shell to access crontab and will see if it works.
Thx for Your help :) Case is solved.
I guess you miss a / at the end of the url when you enter https://192.168.1.1/ui/cron it routes back to the dashboard. this https://192.168.1.1/ui/cron/ should route to the cron setup page.
Cron Page should be opened for general access in 16.7. Currently doing a bit more refactoring to make it more centralised as there was an old Cron system in place too.
Indeed I've ommited trailing slash. Now I can see my script in cron and have tested it working from cron :) Thanks a lot!
BTW: why it is not supported settings cron action every n amount of time? In linux we can write like this:
*/5 * * * * somefancyscript.sh
and it will run every 5 min...
Ok, You're working on refactoring cron implementation, but will this be supported in new implementation? :)
Right, it's supported by FreeBSD so I filed a GUI bug:
https://github.com/opnsense/core/issues/946