Untitled

#Генерируем ключ для huawei
ssh-keygen -f  ~/.ssh/id_rsa -t rsa -b 1024

#конвертируем ключ для Huawei (вывод команды запишите, он понадобится дальше)
ssh-keygen -e -m pem -f ~/.ssh/id_rsa.pub | sed '1d;$d' | tr -d '\n' | base64 -d | xxd -c 24 -g 4 -u | sed -e "s/^.*: //" -e "s/.\{25\}$//g"

#команды для роутеров Huawei Ar6120 (ключ заменить на вывод предыдущей команды!)
sys
rsa peer-public-key  gitea
   public-key-code begin
30818902 818100BC BCEEF881 EF35DE90 5E25D514 A989BE77
AF833856 B814757D 14B5DF2E 54BE0107 3CDC68A1 AD5A814B
9DAC1EDD DFF40E99 721C8225 BEA6B710 4F20417C B823011F
1A7A8766 95327491 372D6D8C 67D101F5 E0E9E200 915C4740
2C299B4E AA2E1B90 F433EB78 2DC270EA D131BBB8 8B353A43
3B9B154C 91782BDC 35CD61B4 8E346F02 03010001
  public-key-code end
peer-public-key end
aaa
  local-user backuper privilege level 15
  local-user backuper service-type ssh
  quit
 ssh user backuper authentication-type rsa
 ssh user backuper assign rsa-key gitea
quit
quit
save
y

#Для коммутаторов Huawei S5735 самую чуточку отличий:
sys
rsa peer-public-key  gitea
   public-key-code begin
30818902 818100BC BCEEF881 EF35DE90 5E25D514 A989BE77
AF833856 B814757D 14B5DF2E 54BE0107 3CDC68A1 AD5A814B
9DAC1EDD DFF40E99 721C8225 BEA6B710 4F20417C B823011F
1A7A8766 95327491 372D6D8C 67D101F5 E0E9E200 915C4740
2C299B4E AA2E1B90 F433EB78 2DC270EA D131BBB8 8B353A43
3B9B154C 91782BDC 35CD61B4 8E346F02 03010001
  public-key-code end
peer-public-key end
user-interface vty 0 4
  user privilege level 15
aaa
  local-user backuper privilege level 15
  local-user backuper service-type ssh
  quit
 ssh user backuper authentication-type rsa
 ssh user backuper assign rsa-key gitea
 ssh user backuper service-type all
quit
save
y

#Для вставки в БД:
insert into netdev (hostname,ip,login,pass,tag,model) values ( 'ufa-ar6120-2', '10.2.100.2','backuper','','huawei','AR6120');

#скрипт /config/huawei/do_backup.sh
#!/bin/bash -i
eval "$(ssh-agent -s)"
ssh-add /root/.ssh/id_rsa
result=$(sqlite3  /config/database/netdevices.db "SELECT hostname,ip,login,model from netdev WHERE tag='huawei';")
dev_arr=($result)
tftp_ip="10.99.100.1"

for device in "${dev_arr[@]}"
do
  IFS='|' read -r -a split <<< "$device"
  ip=${split[1]}
  hostname=${split[0]}
  login=${split[2]}
  model=${split[3]}

#clear log file
  >/config/tmpfiles/$hostname-log.txt
# using arguments: host_ip, login, hostname, tftp_ip
  if [ "$model" = "AR6120" ]
  then
    /config/huawei/backup_by_expect.sh $ip $login $hostname $tftp_ip &
  elif [ "$model" = "SW5735" ]
  then
    /config/huawei/backup_by_expect_sw5735.sh $ip $login $hostname $tftp_ip &
  fi
done
exit

#скрипт /config/huawei/backup_by_expect.sh
#!/usr/bin/expect -f
log_user 0
set host_ip [lindex $argv 0]
set login [lindex $argv 1]
set hostname [lindex $argv 2]
set tftp_ip [lindex $argv 3]

log_file -a /config/tmpfiles/$hostname-log.txt
spawn ssh -oStrictHostKeyChecking=no $login@$host_ip
expect ">"
exp_send "save $hostname.cfg\r"
expect ">"
exp_send "y\r"
expect ">"
exp_send "y\r"
expect ">"
exp_send "tftp $tftp_ip put $hostname.cfg $hostname.cfg\r"
expect ">"
sleep 6
exp_send "quit\r"
interact

#скрипт /config/huawei/backup_by_expect_sw5735.sh
#!/usr/bin/expect -f
log_user 0
set host_ip [lindex $argv 0]
set login [lindex $argv 1]
set hostname [lindex $argv 2]
set tftp_ip [lindex $argv 3]

log_file -a /config/tmpfiles/$hostname-log.txt
spawn ssh -oStrictHostKeyChecking=no $login@$host_ip
sleep 5
expect ">"
exp_send "save $hostname.cfg\r"
expect ">"
exp_send "y\r"
expect ">"
exp_send "y\r"
expect ">"
exp_send "tftp $tftp_ip put $hostname.cfg $hostname.cfg\r"
expect ">"
exp_send "quit\r"
interact

#скрипт /config/huawei/commit_and_push.sh
#!/bin/bash
eval "$(ssh-agent -s)"
ssh-add /root/.ssh/rsa_2048
cd /config/huawei
>/config/tmpfiles/resultfile.txt
/config/huawei/analyse_result.sh
echo "COMMIT" >> /config/tmpfiles/resultfile.txt
datestr=$(date '+%Y-%m-%d')
git add tftp/*
git commit -a -m "backup-$datestr"  &>>/config/tmpfiles/resultfile.txt
echo "PUSH" >> /config/tmpfiles/resultfile.txt
git push &>>/config/tmpfiles/resultfile.txt
/usr/bin/mail Network_info@domain.ru < /config/tmpfiles/resultfile.txt -s "отчет по бэкапам сетевого оборудования"
exit

#анализатор логов /config/huawei/analyse_result.sh
#!/bin/bash
result=$(sqlite3  /config/database/netdevices.db "SELECT hostname from netdev WHERE tag='huawei' and model='AR6120';")
dev_arr=($result)
success_str1="  Configuration file had been saved successfully"
success_str2="TFTP: Uploading the file successfully."
success_str_sw="Save the configuration successfully."
ok=0
datestr=$(date '+%Y-%m-%d')
echo "$datestr" >> /config/tmpfiles/resultfile.txt
#ROUTERS
for device in "${dev_arr[@]}"
do
  hostname=$device
# when grep is success it returns 0
  grep -q "$success_str1" /config/tmpfiles/$hostname-log.txt
  res1=$?
  grep -q "$success_str2" /config/tmpfiles/$hostname-log.txt
  res2=$?
  if [[ $res1 -eq $ok && $res2 -eq $ok ]]
  then
    echo "$hostname backup is OK" >> /config/tmpfiles/resultfile.txt
  else
    echo "$hostname backup is ERROR! ERROR! ERROR!" >> /config/tmpfiles/resultfile.txt
  fi
done

#SWITCHES
result=$(sqlite3  /config/database/netdevices.db "SELECT hostname from netdev WHERE tag='huawei' and model='SW5735';")
dev_arr=($result)
for device in "${dev_arr[@]}"
do
  hostname=$device
# when grep is success it returns 0
  grep -q "$success_str_sw" /config/tmpfiles/$hostname-log.txt
  res1=$?
  grep -q "$success_str2" /config/tmpfiles/$hostname-log.txt
  res2=$?
  if [[ $res1 -eq $ok && $res2 -eq $ok ]]
  then
    echo "$hostname backup is OK" >> /config/tmpfiles/resultfile.txt
  else
    echo "$hostname backup is ERROR! ERROR! ERROR!" >> /config/tmpfiles/resultfile.txt
  fi
done

#Запустим скрипты по расписанию: crontab -e
00 05 * * * /config/huawei/do_backup.sh
30 05 * * * /config/huawei/commit_and_push.sh