OPNsense Forum
Archive => 19.7 Legacy Series => Topic started by: DJ_L on December 07, 2019, 09:27:12 pm
-
Currently OPNsense only backs up it's xml configuration and not other, shall we say, less standard, configuration and functionality changes. I view this as a minor deficiency, but a minor deficiency for which I'd like to contribute.
See these forum threads for similar concerns:
https://forum.opnsense.org/index.php?topic=10631.msg48436#msg48436
https://forum.opnsense.org/index.php?topic=13220.msg60839#msg60839
In my particular situation, a restored backup would leave two dangling, self-created services that would not be easily recreated (if not for the guts having been posted on this forum). What I would like to see introduced is one of the two following methods.
The simplest would be a tar.gz backup scheme with a customization directory that mirrors the layout of /usr/local/opnsense/{scripts,service/conf/actions.d{,(*?)}}. Coming from a Linux background, my immediate suggestion is /usr/local/etc/opnsense, but I suspect that is probably not correct, nor have I yet determined whether configd can handle a second service directory (and even this could be overcome with a simple copy at startup, but that's sloppy at best IMO). Assuming configd can put to use a second actions.d directory (I haven't looked into the mechanism yet, but presumably there is an include statement someplace to pickup the ini-style files), I could probably slap a patch together in a couple of hours.
The other, more complex, but seemingly more inline with the goals and methods outlined in the Development Manual, would be to extend the xml to include both customized scripts and actions (and presumably to extend the GUI to account for these). I haven't looked into this at all yet. One problem that comes immediately to mind is that I only want to read these and apply to disk when a change is made or upon initial restore, but not at startup (as alluded to in the previous suggestion, this would be sloppy IMO). I'm guessing that this is probably already handled elsewhere looking at the SSL certificates for instance, but it is a concern if it is to be done correctly. Suggestions for the xml would be appreciated.
I wanted to see first, if there was any interest in the above suggestion, and second, if something is already planned for this type of change. I also want to know if there is a more appropriate forum for discussion and intent to work toward this goal. Of course, I am open to other view points on this topic, but from my limited POV (I've only been using OPNsense for about a month or so, and I absolutely love it), a working solution seems really as simple as selecting one of the two choices above and working toward it.
Thoughts on the above? Thanks in advance for your direction, suggestions, discussion, concerns, answers to the above questions, and most importantly, this excellent product.
--DJ