Key components: RANCID, CVSweb
Note: In this particular case the OS of choice is OpenBSD
1. Install rancid package:
# pkg_add rancid-2.3.6.tgz
rancid-2.3.6:tcl-8.5.9: ok
rancid-2.3.6:expect-5.44.1.15p0-no_tk: ok
useradd: Warning: home directory `/var/rancid' doesn't exist, and -m was not specified
rancid-2.3.6: ok
Look in /usr/local/share/doc/pkg-readmes for extra documentation.
2. Edit /etc/rancid.conf, e.g.:
TERM=network;export TERM
umask 027
TMPDIR=/tmp; export TMPDIR
BASEDIR=/var/rancid; export BASEDIR
PATH=/usr/local/bin:/usr/bin:/usr/local/bin:/usr/sbin:/bin:/usr/bin; export PATH
CVSROOT=$BASEDIR/CVS; export CVSROOT
LOGDIR=$BASEDIR/logs; export LOGDIR
RCSSYS=cvs; export RCSSYS
ACLSORT=YES; export ACLSORT
FILTER_PWDS=YES; export FILTER_PWDS
NOCOMMSTR=YES; export NOCOMMSTR
LIST_OF_GROUPS="group1 group2"
umask 027
TMPDIR=/tmp; export TMPDIR
BASEDIR=/var/rancid; export BASEDIR
PATH=/usr/local/bin:/usr/bin:/usr/local/bin:/usr/sbin:/bin:/usr/bin; export PATH
CVSROOT=$BASEDIR/CVS; export CVSROOT
LOGDIR=$BASEDIR/logs; export LOGDIR
RCSSYS=cvs; export RCSSYS
ACLSORT=YES; export ACLSORT
FILTER_PWDS=YES; export FILTER_PWDS
NOCOMMSTR=YES; export NOCOMMSTR
LIST_OF_GROUPS="group1 group2"
3. Add RANCID entries to aliases(5):
# local aliases
_rancid: admin@company.test
# rancid aliases
rancid-group1: user1@company.test
rancid-admin-group1: admin@company.test
rancid-group2: user2@company.test
rancid-admin-group2: admin@company.test
_rancid: admin@company.test
# rancid aliases
rancid-group1: user1@company.test
rancid-admin-group1: admin@company.test
rancid-group2: user2@company.test
rancid-admin-group2: admin@company.test
See /usr/local/share/doc/rancid/README for detailed explanations and more examples.
Note: do not forget to run newaliases(8)
4. Switch to _rancid user and create /var/rancid/.cloginrc, e.g.
add user * $env(USER)
add password * {MYPASSWORD}
add autoenable * {1}
add method * {ssh}
add password * {MYPASSWORD}
add autoenable * {1}
add method * {ssh}
Set appropriate permissions:
$ chmod 600 /var/rancid/.cloginrc
5. Initialize CVS tree:
$ rancid-cvs
No conflicts created by this import
cvs checkout: Updating group1
Directory /var/rancid/CVS/group1/configs added to the repository
cvs commit: Examining configs
cvs add: scheduling file `router.db' for addition
cvs add: use 'cvs commit' to add this file permanently
RCS file: /var/rancid/CVS/group1/router.db,v
done
Checking in router.db;
/var/rancid/CVS/group1/router.db,v <-- router.db
initial revision: 1.1
done
No conflicts created by this import
cvs checkout: Updating group2
Directory /var/rancid/CVS/group2/configs added to the repository
cvs commit: Examining configs
cvs add: scheduling file `router.db' for addition
cvs add: use 'cvs commit' to add this file permanently
RCS file: /var/rancid/CVS/group2/router.db,v
done
Checking in router.db;
/var/rancid/CVS/group2/router.db,v <-- router.db
initial revision: 1.1
done
6. Create router.db file for each group:
$ echo router1:cisco:up > /var/rancid/group1/router.db
$ echo router2:juniper:up > /var/rancid/group2/router.db
$ echo router2:juniper:up > /var/rancid/group2/router.db
7. Run rancid, check logs, check mail delivery:
$ rancid-run
Logfiles location: /var/rancid/logs
8. Create _rancid's crontab, e.g.:
MAILTO=admin@company.test
#minute hour mday month wday command
60 * * * * nice /usr/local/bin/rancid-run group1
50 * * * * nice /usr/local/bin/rancid-run group2
05 2 * * * find /var/rancid/logs -type f -mtime +2 -exec rm {} \;
9. Install cvsweb package:
# pkg_add cvsweb-2.0.6p10.tgz
cvsweb-2.0.6p10: ok
Look in /usr/local/share/doc/pkg-readmes for extra documentation.
cvsweb-2.0.6p10: ok
Look in /usr/local/share/doc/pkg-readmes for extra documentation.
10. Configure cvsweb as described in /usr/local/share/doc/pkg-readmes/cvsweb-2.0.6p10:
In one line:
# cd /var/www && mkdir tmp usr && chown www.www tmp && cd /var/www/usr && mkdir -p {bin,lib,libdata/perl5,libexec} && cd /var/www/usr/libdata/perl5 && mkdir -p {File,IPC,Time,warnings,`machine`-openbsd/5.12.2} && cd /var/www/usr/bin && cp -p /usr/bin/{co,cvs,diff,perl,rcsdiff,rlog,uname} . && cd /var/www/usr/lib && cp -p /usr/lib/lib{c,crypto,gssapi,krb5,m,perl,util,z}.so* . && cd /var/www/usr/libexec && cp -p /usr/libexec/ld.so . && cd /var/www/usr/libdata/perl5 && cp -p /usr/libdata/perl5/{Carp,Exporter,Symbol,base,integer}.pm . && cp -p /usr/libdata/perl5/{strict,warnings,vars,constant}.pm . && cp -p /usr/libdata/perl5/File/Basename.pm ./File/ && cp -p /usr/libdata/perl5/IPC/Open{2,3}.pm ./IPC/ && cp -p /usr/libdata/perl5/Time/Local.pm ./Time/ && cp -p /usr/libdata/perl5/warnings/register.pm ./warnings/ && cd /var/www/usr/libdata/perl5/`machine`-openbsd/5.12.2 && cp -p /usr/libdata/perl5/`machine`-openbsd/5.12.2/{Config,Cwd}.pm . && cp -p /usr/libdata/perl5/`machine`-openbsd/5.12.2/Config_{git,heavy}.pl .
11. Add rancid entry to exports(5):
# echo "/var/rancid/CVS -ro -mapall=nobody localhost" >> /etc/exports
12. Add rancid mount point to fstab(5):
# echo "localhost:/var/rancid/CVS /var/www/rancid nfs ro,nodev,nosuid,noexec 0 0" >> /etc/fstab
13. Configure rc.conf.local(8) appropriately, e.g.
httpd_flags=""
nfs_server=YES
portmap=YES
nfs_server=YES
portmap=YES
14. Since httpd(8) in OpenBSD runs chrooted, cvsweb files require some changes (as described in /usr/local/share/doc/pkg-readmes/cvsweb-2.0.6p10:
--- /var/www/conf/cvsweb/cvsweb.conf.orig +++ /var/www/conf/cvsweb/cvsweb.conf @@ -43,7 +43,8 @@ # 'symbolic_name' => ['name_to_display', 'path_to_the_actual_repository'] # Listed in the order specified: @CVSrepositories = ( - 'local' => ['Local Repository', '/home/cvs'], + 'rancid' => ['rancid', '/rancid'], +# 'local' => ['Local Repository', '/home/cvs'], # 'freebsd' => ['FreeBSD', '/home/ncvs'], # 'openbsd' => ['OpenBSD', '/home/ncvs'], # 'netbsd' => ['NetBSD', '/home/ncvs'], @@ -321,7 +322,7 @@ # cvsweb to guess the correct mime-type on # checkout; you can use the mime.types from # apache here: -$mime_types = '/var/www/conf/mime.types'; +$mime_types = '/conf/mime.types'; # quick mime-type lookup; maps file-suffices to # mime-types for displaying checkouts in the browser.
--- /var/www/cgi-bin/cvsweb.orig
+++ /var/www/cgi-bin/cvsweb
@@ -157,7 +157,7 @@
# == EDIT this ==
# Locations to search for user configuration, in order:
-for ("$mydir/cvsweb.conf", '/var/www/conf/cvsweb/cvsweb.conf') {
+for ("$mydir/cvsweb.conf", '/conf/cvsweb/cvsweb.conf') {
if (defined($_) && -r $_) {
$config = $_;
last;
15. Add redirect statement to httpd.conf for convenience:
Redirect /cvsweb http://server.company.test/cgi-bin/cvsweb
No comments:
Post a Comment