Docker Compose 로 설치

GitLab 에 설정을 Push 하는 설정

폴더 생성

mkdir -p /opt/oxidized/{ssh,config}

키 생성

ssh-keygen -t rsa -b 2048 -m PEM -C "bot@git.mydomain.net" -f /opt/oxidized/ssh/bot
chown -R 30000:30000 /opt/oxidized/

Git 서버 호스트키 등록

ssh-keyscan -p 2222 git.mydomain.net > /opt/oxidized/ssh/known_hosts

(참고) https://github.com/ytti/oxidized/issues/2849

docker compose 파일 작성

version: '3.6'

services:
  oxidized:
    restart: always
    image: oxidized/oxidized:latest
    ports:
      - 8888:8888/tcp
    environment:
      CONFIG_RELOAD_INTERVAL: 600
    volumes:
       - ./oxidized/config:/home/oxidized/.config/oxidized/
       - ./oxidized/ssh:/home/oxidized/.ssh/

config 파일 작성

---
username: __READ_ONLY_USERNAME__
password: __PASSWORD__
...
rest: 0.0.0.0:8888
output:
  default: git
  git:
    user: bot
    email: noreply@mydomain.net
    repo: "/home/oxidized/.config/oxidized/oxidized.git"
hooks:
  push_to_remote:
    type: githubrepo
    events: [node_success, post_store]
    remote_repo:
      group1: ssh://git@git.mydomain.net/configs/group1-router-configs.git
      group1: ssh://git@git.mydomain.net/configs/group2-router-configs.git
    publickey: /home/oxidized/.ssh/bot.pub
    privatekey: /home/oxidized/.ssh/bot
...

(참고) https://github.com/ytti/oxidized/blob/master/docs/Hooks.md

라우터 목록 작성

rtr1:192.168.0.101:iosxr:group1
rtr2:192.168.0.102:iosxr:group1
rtr3:192.168.0.201:iosxr:group2
rtr4:192.168.0.202:iosxr:group2

GitLab 환경변수 추가

GITLAB_ALLOW_SHA1_RSA: true 추가

# cat 
version: '3.6'

services:
  app:
    image: gitlab/gitlab-ce:16.6.7-ce.0
    restart: always
    environment:
      GITLAB_ALLOW_SHA1_RSA: true

(참고) GithubRepo push to remote not work after upgade gitlab to 16.3.4, https://github.com/ytti/oxidized/issues/2948