Oxidized kasutamine: erinevus redaktsioonide vahel

Sissejuhatus

TODO

Oxidized tarkvara https://github.com/ytti/oxidized ...

Tööpõhimõte

Väited

• Tekitatakse pisike võrguseadme mock linux kasutaja abil
• Tekitatakse docker põhine oxidized

Võrguskeem

                      seade-01          seade-02          seade-03        seade-nn
                          |                 |                 |               |
  
 
                                     internet - vpn
  
                     |                                                 |
                  ___|___                                           ___|___
                 |       | oxidized                                |       | gitea
                 |       |                                         |       |
                 |_______| lokaalne git repo                       |_______| remote git repo
                     |                                                  |
                     |                                                  |
                   --|--------------------------------------------------|---

kus

• oxidized kopeerib seadmetest seadistused enda lokaalsesse git reposse
• oxidized seadistuses kirjeldatud nn hook sünkroniseerib-kopeerib lokaalsest gitist andmeid remote git peale
• oxidized ja gitea omavad mõlemad webgui liidest
• oxidized ja gitea on mõlemad docker konteinerid
• oxidized ei kasuta sql vms andmebaasi, andmeid hoitakse failisüsteemis (ehedalt ja git repona)
• gitea kasutab vajadusel postgresql andmebaasi kasutajate jms hoidmiseks, vaikimisi kasutab sqlite3 baasi; ja git'i

Mock switch - Linux kasutaja shell script

Mock switch seisneb Linux operatsioonisüsteemi tavalise kasutaja tekitamises, mille shell on asendatud nt sellise skriptiga

root@zabbix-pub-01:~# grep cisco /etc/passwd
cisco:x:1001:1001::/home/cisco:/home/cisco/router_cli.sh

ja

root@zabbix-pub-01:~# cat /home/cisco/router_cli.sh
#!/bin/bash

# 1. Print a fake Cisco login welcome and prompt instantly on connection
echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
echo ""
echo -n "mock-edge-sw01#"

# 2. Enter an infinite loop to read incoming commands interactively
while true; do
    # Read the next command passed over the terminal stream
    read -r CMD

    # Clean up trailing carriage returns (\r) sent by network tools
    CMD=$(echo "$CMD" | tr -d '\r' | tr -d '"' | tr -d "'")

    case "$CMD" in
        "show run"|"show running-config"|"show startup-config")
            cat /home/cisco/mock_cisco.cfg
            ;;
        "show version")
            echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
            ;;
        "terminal length 0"|"terminal width 0"|"enable"|"")
            # Return success silently for environment setup instructions
            ;;
        "exit"|"quit")
            echo "Closing connection."
            exit 0
            ;;
        *)
            # If Oxidized sends an unhandled cleanup command, absorb it silently
            ;;
    esac

    # CRITICAL: Print the Cisco prompt back to the stream so Oxidized
    # knows the command finished and it is safe to send the next line!
    echo -n "mock-edge-sw01#"
done

koos enablega

#!/bin/bash

# 1. Print a fake Cisco login welcome and start with USER privilege prompt (>)
echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
echo ""
echo -n "mock-edge-sw01>"  # <--- Note the '>' here!

# Keep track of whether we are in enable mode or not
IS_ENABLED=false

# 2. Enter the infinite loop
while true; do
    read -r CMD
    CMD=$(echo "$CMD" | tr -d '\r' | tr -d '"' | tr -d "'")

    # If Oxidized sends 'enable', simulate the password challenge
    if [ "$CMD" = "enable" ] && [ "$IS_ENABLED" = false ]; then
        echo -n "Password: "
        read -r EN_PASS  # Blindly absorb the enable password sent by Oxidized
        IS_ENABLED=true
        echo -n "mock-edge-sw01#"  # Send the privileged prompt!
        continue
    fi

    # Process commands based on state
    case "$CMD" in
        "show run"|"show running-config"|"show startup-config")
            if [ "$IS_ENABLED" = true ]; then
                cat /home/cisco/mock_cisco.cfg
            else
                echo "% Unauthorized command."
            fi
            ;;
        "show version")
            echo "Cisco IOS Software, Simulation Engine Version 1.0(MOCK)"
            ;;
        "terminal length 0"|"terminal width 0"|"")
            # Return success silently for environment setup instructions
            ;;
        "exit"|"quit")
            echo "Closing connection."
            exit 0
            ;;
        *)
            # Absorbs unhandled strings
            ;;
    esac

    # Print the correct trailing prompt depending on our simulated privilege level
    if [ "$IS_ENABLED" = true ]; then
        echo -n "mock-edge-sw01#"
    else
        echo -n "mock-edge-sw01>"
    fi
done

ning näidis seadistusfail st switch conf

root@zabbix-pub-01:~# cat /home/cisco/mock_cisco.cfg
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end

ja vaigistada banneri esitamine

root@zabbix-pub-01:~# touch /home/cisco/.hushlogin
root@zabbix-pub-01:~# chown cisco:cisco /home/cisco/.hushlogin

Kasutamise testimiseks

root@dh-minio-01:~# ssh cisco@192.168.10.193
cisco@192.168.10.193's password:
Cisco IOS Software, Simulation Engine Version 1.0(MOCK)

mock-edge-sw01#show run
!
hostname mock-edge-sw01
!
interface GigabitEthernet1/1
 description Uplink to Core
 switchport mode trunk
!
interface GigabitEthernet1/2
 description Connected to Zabbix Proxy
 switchport access vlan 10
!
end
mock-edge-sw01#exit
Closing connection.
Connection to 192.168.10.193 closed.
root@dh-minio-01:~#
imreoolberg@Imres-MacBook-Air ~ %

Paigaldamine - Docker

Docker compose ja volume ressurssidele vajalikud kataloogid

# mkdir -p /srv/oxidized/dc
# mkdir -p /srv/oxidized/volume/home/oxidized/.config/oxidized
# chmod 0777 /srv/oxidized/volume/home/oxidized/.config/oxidized

Docker compose faili näidis

# cd /srv/oxidized/dc
# cat docker-compose-oxidized.yaml
name: p_oxidized
services:
  svc_oxidized:
    image: oxidized/oxidized:latest
    container_name: cn_oxidized
    restart: unless-stopped

    ports:
      - "8888:8888" # Web UI and REST API
    volumes:
      - '/srv/oxidized/volume/home/oxidized/.config/oxidized:/home/oxidized/.config/oxidized'
      - '/srv/oxidized/volume/home/oxidized/.ssh:/home/oxidized/.ssh'

    environment:
      - CONFIG_RELOAD_INTERVAL=600
      - TZ=Europe/Tallinn

    networks:
      - nw_oxidized

networks:
  nw_oxidized:
    name: nw_oxidized
    driver: bridge

Oxidized seadistamine

• oxidized seadistusfail - /srv/oxidized/volume/home/oxidized/.config/oxidized/config - moodustab ise konteineri käivitamisel alguseks sobiva sisuga
• ruuterite-switchide-jms-seadmete ligipääsufail - /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db - inimene moodustab
• config failis tuleks kasutada alustuseks username ja password väärtustena reaalset mock ligipääsu; selleks et router.db toimiks ligipääsu osas tuleb map: direktiiviga töötada

Ligipääsude fail, nt (sisaldab linux põhist mock'i)

# cat /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
192.168.10.193:cisco:cisco:parool

Käivitamine

root@dh-minio-01:/srv/oxidized/dc# docker compose -f docker-compose-oxidized.yml up -d

root@dh-minio-01:~# docker ps
CONTAINER ID   IMAGE                      COMMAND                  CREATED          STATUS          PORTS                                         NAMES
4ab02b28a9ca   oxidized/oxidized:latest   "/usr/bin/dumb-init …"   45 minutes ago   Up 24 minutes   0.0.0.0:8888->8888/tcp, [::]:8888->8888/tcp   cn_oxidized

Ootus on et failisüsteemi tekib

root@dh-minio-01:/srv/oxidized# find /srv/oxidized/volume -type f -ls
   134710      4 -rw-r--r--   1 30000    30000         250 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/configs/192.168.10.193
   155498      4 -rw-r--r--   1 30000    30000          33 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/router.db
   134694      4 -rw-r--r--   1 30000    30000           2 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/pid
   173784      4 -rw-r--r--   1 30000    30000         921 Jun  3 14:15 /srv/oxidized/volume/home/oxidized/.config/oxidized/config
   173789      4 -rw-r--r--   1 30000    30000        1942 Jun  3 14:04 /srv/oxidized/volume/home/oxidized/.config/oxidized/crash

kus

• configs/192.168.10.193 - varundus teksti kujul

Konteineris toimuv

root@dh-minio-01:~# docker exec -ti 4a ps auxf
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root          70 25.0  0.0   6392  3764 pts/0    Rs+  11:35   0:00 ps auxf
root           1  0.0  0.0   2420  1368 ?        Ss   11:15   0:00 /usr/bin/dumb-init -- runsvdir -P /etc/service
root           7  0.0  0.0   2588  1484 ?        Ss   11:15   0:00 runsvdir -P /etc/service
root           8  0.0  0.0   2436  1460 ?        Ss   11:15   0:00  \_ runsv oxidized
oxidized      11  0.0  1.0 1348956 61436 ?       Sl   11:15   0:01  |   \_ /usr/bin/ruby3.3 /usr/local/bin/oxidized
root           9  0.0  0.0   2436  1552 ?        Ss   11:15   0:00  \_ runsv auto-reload-config
root          12  0.0  0.0   4056  3220 ?        S    11:15   0:00  |   \_ /bin/bash ./run
root          62  0.0  0.0   2580  1616 ?        S    11:35   0:00  |       \_ sleep 600
root          10  0.0  0.0   2436  1484 ?        Ss   11:15   0:00  \_ runsv update-ca-certificates
root          13  0.0  0.0   4056  3276 ?        S    11:15   0:00      \_ /bin/bash ./run
root          14  0.0  0.0   2580  1580 ?        S    11:15   0:00          \_ sleep infinity

Ruby sisu

root@dh-minio-01:~# docker exec -ti 4a gem list oxidized rugged

*** LOCAL GEMS ***

oxidized (0.37.0)
oxidized-web (0.18.1)

*** LOCAL GEMS ***

rugged (1.9.0)

Oxidized seadistamine

Kogu oxidized rakenduse seadistusfail

root@dh-minio-01:/srv/oxidized/dc# cat ../volume/home/oxidized/.config/oxidized/config
---
username: cisco
password: parool
model: junos
resolve_dns: true
interval: 3600
debug: false
run_once: false
threads: 30
use_max_threads: false
timeout: 20
timelimit: 300
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
next_adds_job: false
vars: {}
groups: {}
group_map: {}
models: {}
pid: "/home/oxidized/.config/oxidized/pid"
extensions:
  oxidized-web:
    load: false
crash:
  directory: "/home/oxidized/.config/oxidized/crashes"
  hostnames: false
stats:
  history_size: 10
input:
  default: ssh, telnet
  debug: false
  ssh:
    secure: false
  ftp:
    passive: true
  utf8_encoded: true
output:
  default: file
  file:
    directory: "/home/oxidized/.config/oxidized/configs"
source:
  default: csv
  csv:
    file: "/home/oxidized/.config/oxidized/router.db"
    delimiter: !ruby/regexp /:/
    field:
      name: 0
      model: 1
    map:
      name: 0
      model: 1
      username: 2
      password: 3
    gpg: false
model_map:
  juniper: junos
  cisco: ios

kus

• source -> csv -> field ja -> map tuleb kohendada nt selliseks nagu ülal toodud, et ta oskaks router.db failist kasutada kasutajanime ja parooli
• output > default -> file muudetakse allpool git vastu

Webgui

Webgui kasutamiseks tuleb käivitada nn veebiserveri konteineris

root@dh-minio-01:~# grep rest /srv/oxidized/volume/home/oxidized/.config/oxidized/config
rest: 0.0.0.0:8888

paistab brauseris

kus

• TODO

lokaalse git repo kasutamine varunduseks

Väited

• võimalik on kasutada lokaalset git repot storage lahendusena

Nö tavalisele oxidized seadistusfaili sees peab olema sarnane output osakond

..
output:
  default: git
  git:
    user: Oxidized Robot
    email: oxidized@auul.pri.ee
    repo: /home/oxidized/.config/oxidized/devices-backups.git
...

Tulemusena

...

remote git repo liidestamine süsteemiga

Väited

• remote git repo liidestatakse mitte iseseisva nö storage lahendusena, aga toetava git lahendusena
• remote git repo kasutamise eelduseks on lokaalse git repo kasutamine

Nö tavalisele oxidized seadistusfaili sees peab olema sarnane output osakond

..
output:
  default: git
  git:
    user: Oxidized Robot
    email: oxidized@auul.pri.ee
    repo: /home/oxidized/.config/oxidized/devices-backups.git
...

hooks:
  push_to_remote:
    type: githubrepo
    events: [post_store]
    remote_repo: ssh://git@192.168.10.163:2222/oxidized/devices-backups.git
    publickey: /home/oxidized/.ssh/id_ed25519-gitea.pub
    privatekey: /home/oxidized/.ssh/id_ed25519-gitea

....

kus

• git@ on tehniliselt kasutajanimi, aga kõik kasutajad pöörduvad selle kasutajanimega
• kasutaja identiteet tehakse git repo poolel kindlaks ssh võtme alusel

ssh kasutaja autentimise ettevalmistamine, tekitada priv ja pub võtmed

host# ssh-keygen -f /srv/oxidized/volume/home/oxidized/.ssh/id_ed25519-gitea

kohendada docker compose failis kasutaja:grupp sobivaks, vaatates eeskujuks olemasolevaid, nt

host# chown -R 30000:30000 /srv/oxidized/volume/home/oxidized/.ssh

Paigutada pub võti gitea webgui peal sobivasse kohta.

Veenduda ssh töötamises, nt

root@dh-minio-01:/srv/oxidized/dc# docker exec -ti cn_oxidized bash

root@75b0bf77531a:/# su - oxidized

oxidized@75b0bf77531a:~$ ssh -i .ssh/id_ed25519-gitea git@192.168.10.163 -p 2222
PTY allocation request failed on channel 0
Hi there, admin! You've successfully authenticated with the key named from-oxidized, but Gitea does not provide shell access.
If this is unexpected, please log in with password and setup Gitea under another user.
Connection to 192.168.10.163 closed.

Oxidized webguis versioonid paistavad nii

Gitea webguis versioonid paistavad nii

Misc

username: oxidezed
password: parool
model: cisco
interval: 7200
use_syslog: true
debug: false
threads: 30
timeout: 120
retries: 3
prompt: !ruby/regexp /^([\w.@-]+[#>]\s?)$/
rest: 0.0.0.0:8888
vars:
  enable: parool
  remove_secret: true
  auth_methods: [ "password", "keyboard-interactive" ]
pid: "~/.config/oxidized/pid"
input:
  default: ssh
  debug: ~/.config/oxidized/log_input
  ssh:
    secure: false
output:
  default: git
  git:
    user: oxidized
    email: imre@imre
    repo: "~/devices.git"
#output:
#  default: file
#  file:
#    directory: "/opt/oxidized/.config/oxidized/configs"

source:
  default: csv
  csv:
    file: "~/.config/oxidized/router.db"
    delimiter: !ruby/regexp /:/
    map:
      name: 0
      model: 1
      status: 2
      group: 3
model_map:
  cisco: ios

groups:
  GR_AUUL:
    username: cisco
    password: parool
    vars:
      ssh_port: 22264
models: {}

imre@imre-mac ~ % diff gem-list-20260607-rv-oxidized.txt gem-list-20260607-imre-oxidized.txt
1,3c1,3
< asetus (0.3.0)
< backports (3.23.0)
< bcrypt_pbkdf (1.1.0)
---
> asetus (0.4.0)
> backports (3.25.3)
> bcrypt_pbkdf (1.1.2)
6c6
< bundler (default: 2.1.2)
---
> bundler (2.1.4, default: 2.1.2)
8c8
< charlock_holmes (0.7.7)
---
> charlock_holmes (0.7.9)
14c14
< ed25519 (1.2.4)
---
> ed25519 (1.3.0)
25c25
< htmlentities (4.3.4)
---
> htmlentities (4.4.2)
29c29
< json (default: 2.3.0)
---
> json (2.19.8, default: 2.3.0)
32a33
> molinillo (0.6.4)
34a36
> net-http-persistent (2.9.4)
56,57c58,59
< rb-fsevent (0.11.0)
< rb-inotify (0.10.1)
---
> rb-fsevent (0.11.2)
> rb-inotify (0.11.1)
64c66
< rugged (0.28.5)
---
> rugged (0.99.0, 0.28.5)
71c73
< slop (4.9.1, 3.6.0)
---
> slop (4.10.1, 4.9.1, 3.6.0)
74c76
< temple (0.8.2)
---
> temple (0.10.4)
76c78,79
< tilt (2.0.10)
---
> thor (0.19.4)
> tilt (2.7.0)

Misc 2

# df -h -t ext4 -T
Filesystem                Type  Size  Used Avail Use% Mounted on
/dev/mapper/system-root   ext4   24G   18G  5.3G  77% /
/dev/mapper/system-mysql  ext4   49G   35G   13G  74% /var/lib/mysql
/dev/mapper/system-rrd    ext4  196G  154G   33G  83% /opt/observium/rrd
/dev/mapper/system-tmpdir ext4  2.9M   14K  2.6M   1% /srv/mysqlbackup

# systemctl status srv-mysqlbackup.mount
● srv-mysqlbackup.mount - /srv/mysqlbackup
   Loaded: loaded (/proc/self/mountinfo)
   Active: active (mounted) since Thu 2026-06-18 01:05:15 EEST; 11h ago
    Where: /srv/mysqlbackup
     What: /dev/mapper/system-tmpdir

# systemctl show srv-mysqlbackup.mount | less
Where=/srv/mysqlbackup
What=/dev/mapper/system-tmpdir
Options=rw,relatime,stripe=256,data=ordered
Type=ext4
TimeoutUSec=1min 30s
ControlPID=0
DirectoryMode=0755
SloppyOptions=no
LazyUnmount=no
ForceUnmount=no
Result=success
UID=[not set]
GID=[not set]
Slice=system.slice
MemoryCurrent=[not set]
CPUUsageNSec=[not set]
TasksCurrent=[not set]
IPIngressBytes=18446744073709551615
IPIngressPackets=18446744073709551615
IPEgressBytes=18446744073709551615
IPEgressPackets=18446744073709551615
Delegate=no
CPUAccounting=no
CPUWeight=[not set]
StartupCPUWeight=[not set]
CPUShares=[not set]
StartupCPUShares=[not set]
CPUQuotaPerSecUSec=infinity
IOAccounting=no
IOWeight=[not set]
StartupIOWeight=[not set]
BlockIOAccounting=no
BlockIOWeight=[not set]
StartupBlockIOWeight=[not set]
MemoryAccounting=no
MemoryLow=0
MemoryHigh=infinity
MemoryMax=infinity
MemorySwapMax=infinity
MemoryLimit=infinity
DevicePolicy=auto
TasksAccounting=yes
TasksMax=17203
IPAccounting=no
UMask=0022
LimitCPU=infinity
LimitCPUSoft=infinity
LimitFSIZE=infinity
LimitFSIZESoft=infinity
LimitDATA=infinity
LimitDATASoft=infinity
LimitSTACK=infinity
LimitSTACKSoft=8388608
LimitCORE=infinity
LimitCORESoft=0
LimitRSS=infinity
LimitRSSSoft=infinity
LimitNOFILE=4096
LimitNOFILESoft=1024
LimitAS=infinity
LimitASSoft=infinity
LimitNPROC=1030297
LimitNPROCSoft=1030297
LimitMEMLOCK=67108864
LimitMEMLOCKSoft=67108864
LimitLOCKS=infinity
LimitLOCKSSoft=infinity
LimitSIGPENDING=1030297
LimitSIGPENDINGSoft=1030297
LimitMSGQUEUE=819200
LimitMSGQUEUESoft=819200
LimitNICE=0
LimitNICESoft=0
LimitRTPRIO=0
LimitRTPRIOSoft=0
LimitRTTIME=infinity
LimitRTTIMESoft=infinity
OOMScoreAdjust=0
Nice=0
IOSchedulingClass=0
IOSchedulingPriority=0
CPUSchedulingPolicy=0
CPUSchedulingPriority=0
TimerSlackNSec=50000
CPUSchedulingResetOnFork=no
NonBlocking=no
StandardInput=null
StandardInputData=
StandardOutput=journal
StandardError=inherit
TTYReset=no
TTYVHangup=no
TTYVTDisallocate=no
SyslogPriority=30
SyslogLevelPrefix=yes
SyslogLevel=6
SyslogFacility=3
LogLevelMax=-1
SecureBits=0
CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner
 cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override
 cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend
AmbientCapabilities=
DynamicUser=no
RemoveIPC=no
MountFlags=
PrivateTmp=no
PrivateDevices=no
ProtectKernelTunables=no
ProtectKernelModules=no
ProtectControlGroups=no
PrivateNetwork=no
PrivateUsers=no
ProtectHome=no
ProtectSystem=no
SameProcessGroup=yes
UtmpMode=init
IgnoreSIGPIPE=yes
NoNewPrivileges=no
SystemCallErrorNumber=0
LockPersonality=no
RuntimeDirectoryPreserve=no
RuntimeDirectoryMode=0755
StateDirectoryMode=0755
CacheDirectoryMode=0755
LogsDirectoryMode=0755
ConfigurationDirectoryMode=0755
MemoryDenyWriteExecute=no
RestrictRealtime=no
RestrictSUIDSGID=no
RestrictNamespaces=no
MountAPIVFS=no
KeyringMode=private
KillMode=control-group
KillSignal=15
SendSIGKILL=yes
SendSIGHUP=no
Id=srv-mysqlbackup.mount
Names=srv-mysqlbackup.mount
Requires=system.slice dev-mapper-system\x2dtmpdir.device -.mount
WantedBy=dev-mapper-system\x2dtmpdir.device
Conflicts=umount.target
Before=umount.target local-fs.target
After=-.mount systemd-journald.socket system.slice dev-mapper-system\x2dtmpdir.device local-fs-pre.target
RequiresMountsFor=/srv
Description=/srv/mysqlbackup
LoadState=loaded
ActiveState=active
SubState=mounted
SourcePath=/proc/self/mountinfo
StateChangeTimestamp=Thu 2026-06-18 01:05:15 EEST
StateChangeTimestampMonotonic=2353248905053
InactiveExitTimestamp=Thu 2026-06-18 01:05:15 EEST
InactiveExitTimestampMonotonic=2353248905053
ActiveEnterTimestamp=Thu 2026-06-18 01:05:15 EEST
ActiveEnterTimestampMonotonic=2353248905053
ActiveExitTimestampMonotonic=0
InactiveEnterTimestampMonotonic=0
CanStart=yes
CanStop=yes
CanReload=yes
CanIsolate=no
StopWhenUnneeded=no
RefuseManualStart=no
RefuseManualStop=no
AllowIsolate=no
DefaultDependencies=yes
OnFailureJobMode=replace
IgnoreOnIsolate=yes
NeedDaemonReload=no
JobTimeoutUSec=infinity
JobRunningTimeoutUSec=infinity
JobTimeoutAction=none
ConditionResult=no
AssertResult=no
ConditionTimestampMonotonic=0
AssertTimestampMonotonic=0
Transient=no
Perpetual=no
StartLimitIntervalUSec=10s
StartLimitBurst=5
StartLimitAction=none
FailureAction=none
SuccessAction=none
InvocationID=092a9a19be674f069064d8c22ba8e7b5
CollectMode=inactive

Kasulikud lisamaterjalid

• https://oneuptime.com/blog/post/2026-02-08-how-to-run-oxidized-in-docker-for-network-config-backup/view
• https://hub.docker.com/r/oxidized/oxidized
• Gitea kasutamine