RANCID Integration

Installation

Install RANCID and Subversion:

apt-get install rancid subversion

We need to add a group for rancid to store configs in:

nano /etc/rancid/rancid.conf

Add this line:

LIST_OF_GROUPS="observium"

Change these two lines:

CVSROOT=$BASEDIR/CVS; export CVSROOT
RCSSYS=cvs; export RCSSYS

to:

CVSROOT=$BASEDIR/SVN; export CVSROOT
RCSSYS=svn; export RCSSYS

Run this command to create the folder structure:

su - rancid
/var/lib/rancid/bin/rancid-cvs

Create a .cloginrc file:

nano /var/lib/rancid/.cloginrc

Here is an example that works for Mikrotik devices:

add user * rancid
add password * password
add identity * /var/lib/rancid/.ssh/id_dsa
add method * ssh
add noenable * {1}

Make sure you have your public key credentials in /var/lib/rancid/.ssh/

Test it out on your router! (In this example, your router is named myrouter)

/var/lib/rancid/bin/mtlogin myrouter

Add www-data to the rancid group:

 usermod -a -G rancid www-data

Observium Integration

Configuration

You can either change the below settings in the config.php or via the web-based configuration accessible from the right hand "cog" menu in the Observium web interface.

Update the Observium config so it knows how to use RANCID:

 nano /opt/observium/config.php

Add these lines:

 $config['rancid_configs'][]              = "/var/lib/rancid/observium/configs/";
 $config['rancid_ignorecomments']        = 0;

If you're running RANCID v3.x, add the following line :

 $config['rancid_version'] = '3';

Restart apache:

 /etc/init.d/apache2 restart

You should now see a config tab in Observium, with your configs there!

Observium has a script which can generate the router.db config based on what’s in Observium.

 rancid@observium:/opt/observium/scripts$ php generate-rancid.php 
 # do not edit file directly!
 #RANCID router.db autogenerated by 
 router:mikrotik:up

Dump it in the RANCID config file with this command:

 php /opt/observium/scripts/generate-rancid.php > /var/lib/rancid/observium/router.db

RHEL Installation

Minor

There are some minor differences to be aware of when running RANCID on RHEL. Instead of the configuration files being stored in /var/lib/rancid/, RHEL stores them in /var/rancid/. You may also need to change your RequiredRSASize in your /etc/ssh/ssh_config, as it is updated in RHEL 9.2 to 2048 bits.

For RHEL installations it is suggested that you update to RHEL 9.4. Installation instructions have not been tested for other versions!

Install rancid and subversion:

dnf install rancid subversion

We need to add a group for rancid to store configs in:

nano /etc/rancid/rancid.conf

Add this line:

LIST_OF_GROUPS="observium"

Change these two lines:

CVSROOT=$BASEDIR/CVS; export CVSROOT
RCSSYS=cvs; export RCSSYS

to:

CVSROOT=$BASEDIR/SVN; export CVSROOT
RCSSYS=svn; export RCSSYS

Run this command to create the folder structure:

su - rancid
rancid-cvs

Create a .cloginrc file:

nano /var/rancid/.cloginrc

Here is an example that works for Mikrotik devices:

add user * rancid
add password * password
add identity * /var/lib/rancid/.ssh/id_dsa
add method * ssh
add noenable * {1}

Make sure you have your public key credentials in /var/lib/rancid/.ssh/

Test it out on your router! (In this example, your router is named myrouter)

/var/lib/rancid/bin/mtlogin myrouter

For RHEL installations, Add apache to the rancid group:

 usermod -a -G rancid apache

After integration (see "Observium Integration" section), restart apache:

 systemctl restart httpd

Automation

We can add this in cron to do this automatically.

If you want rancid to back up daily, then add something like this to cron:

 0 5 * * * /var/lib/rancid/bin/rancid-run
 #hourly router dump
 50 23 * * * /usr/bin/find /var/lib/rancid/logs -type f -mtime   +2 -exec rm {} \;