sysutils/auto-recovery: a new plugin to rollback configuration changes #3321
Conversation
fraenki
force-pushed
the
auto_recovery
branch
from
3a1af4a
to
952af26
Compare
fraenki
force-pushed
the
auto_recovery
branch
from
952af26
to
ae2ff84
Compare
|
If I understand correctly auto-recovery reloads the previous config? Do you plan to implement anything to reload a previous firmware in case an update went wrong? |
That's the basic functionality, but you are able to customize this process to a certain degree.
No. But once the plugin has it's first release, anyone is welcome to contribute new features. |
| CONFIG_BACKUP_FILE="${BASE_DIR}/config.xml_recover" | ||
| CONFIG_ORIGINAL_FILE="${BASE_DIR}/config.xml_orig" |
There was a problem hiding this comment.
we simply cannot stray from the live config.xml vs. backups procedure adding another layer of misdirection. one thing it will do is confuse the history and I don't see a way to integrate this as a plugin in terms of eventual UX.
| # Run configd command. | ||
| if [ "${DO_CONFIGD}" == "1" ]; then | ||
| log "Running system command: ${CONFIGD_CMD}" | ||
| eval $CONFIGD_CMD |
There was a problem hiding this comment.
dispatching random commands is out of the question as well
There was a problem hiding this comment.
Huh? This is not random, it is limited to pre-defined configd commands. This is already used elsewhere, so not exactly new functionality.
There was a problem hiding this comment.
At least the eval makes no sense. Probably also prone to arbitrary command injection. I fail to see the point of deferring a predefined command through a model with a free form command input funnelled through a overcomplicated script.
There was a problem hiding this comment.
Ok, misread the free-form part. Apologies.
|
Am I allowed to put it on community repo to give it broader audiance? Maybe it will motivate someone to spend more time on it? |
Sure 👍 |
|
Why has this been closed? It is working fine on my tests and it is really needed when you make remote changes. I would ❤️ to see this or a similar plugin to become available for OPNsense. |
Preface
This new community plugin tries to immitate the
reload in 5feature found in some routers/switches. It will start a countdown and restore all configuration changes if the countdown is not aborted. This is especially useful when working on remote devices.This PR implements the feature request #2976 using an extremely simplified approach. The main feature is implemented, but it may not be sufficient for production environments.
DISCLAIMER: Auto Recovery is a community plugin without support or guarantees. Auto Recovery can only restore the OPNsense system configuration to a previous state. It does not restore any other files, packages or revert any filesystem modification. It certainly is not meant to replace a backup, nor does it protect against failed software upgrades.
Testing
This plugin is expected to be able to reliably restore a working system configuration. Hence we need more people to test it's features, before this plugin can be released.
Adding the development version of the plugin on OPNsense 23.1 is simple:
Please let me know if it works for you, or if you experience any issues.
Screenshots
Configuration screen:
When the countdown is on:
Log messages in
System: Log Files: General: