Automatic config backups using os-api-backup

Started by danb35, July 23, 2020, 12:09:17 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
November 09, 2023, 09:37:39 AM #15
We will add the following to 23.7.8: https://github.com/opnsense/core/commit/39b531783

The direct download URL is https://xxx.xxx.xxx.xxx/api/core/backup/download/this and I've also changed the EoL message of os-api-backup accordingly.


Cheers,
Franco
November 09, 2023, 04:58:59 PM #16 Last Edit: November 09, 2023, 05:02:46 PM by YaBoiCole
Quote from: franco on November 09, 2023, 09:37:39 AM
We will add the following to 23.7.8: https://github.com/opnsense/core/commit/39b531783

The direct download URL is https://xxx.xxx.xxx.xxx/api/core/backup/download/this and I've also changed the EoL message of os-api-backup accordingly.


Cheers,
Franco

Thank you!
January 16, 2024, 06:40:05 PM #17
is there any simple way to package this as a docker container, with a config file to process multiple firewalls (eg a row with parameters related to every remote system)? it will be great  :D
March 18, 2024, 05:21:38 PM #18
Mine is slightly different but here's an updated script for those of you who are maybe less technically inclined.  Just update the 5 variables at the top to match your configuration and you should be good to go.  You'll just need to setup a cron job to run this nightly - the script below will also work run directly from a synology system.


Code Select
#!/usr/bin/bash

# Change API key and secret, number of days to keep backups, the path to your backups and the hostname for your firewall

key=YOURKEY
secret=YOURSECRET
daystokeep=30
destination="/PATH/TO/SAVE/BACKUPS/TO"
fwhost="IP_ADDRESS_OF_FIREWALL-192.168.1.1"

date=$(date +%Y-%m-%d)

result=$(/usr/bin/curl -I -s -k -u "$key":"$secret" https://$fwhost/api/core/backup/download/this | head -1)

if [[ $result != *"200"* ]]; then
   echo "Result of the HTTP request is $result"
      exit 1
      fi

      /usr/bin/curl -s -k -u "$key":"$secret" https://$fwhost/api/core/backup/download/this > $date.xml

      error=$?

      if [ $error -gt 0 ]; then
         echo "Curl returned error number $error"
            exit 1
            fi

            /usr/bin/gzip $date.xml

            mv $date.xml.gz $destination
            /usr/bin/find $destination/* -mtime +$daystokeep -exec rm {} \;
March 20, 2024, 05:20:46 AM #19
I'd like config plaintext passwords to be encrypted in file. Configs always end up on more locations, backup sites, where permissions vary.
May 17, 2024, 12:54:21 PM #20 Last Edit: May 17, 2024, 11:10:37 PM by edz
Edit: Seems I had wrong permissions on the user account; all god now!
Print
Go Up Pages 1 2
User actions