76 lines
3.5 KiB
Markdown
76 lines
3.5 KiB
Markdown
# RouterOS Config Backup & Change Tracking (v9.6)
|
|
|
|
## What This Is
|
|
|
|
Automated RouterOS configuration backup and human-readable change tracking for TOD (The Other Dude). Periodically collects router configurations via SSH, stores versioned snapshots, generates diffs, and presents a change timeline in the device UI. Applies to RouterOS devices only.
|
|
|
|
## Core Value
|
|
|
|
Operators can see exactly what changed on a router and when, with reliable config snapshots available for download — visibility into network changes that would otherwise go unnoticed.
|
|
|
|
## Requirements
|
|
|
|
### Validated
|
|
|
|
<!-- Existing TOD capabilities inferred from codebase -->
|
|
|
|
- ✓ Multi-tenant device management — existing
|
|
- ✓ Poller-based device monitoring via SSH — existing
|
|
- ✓ NATS message bus for poller↔API communication — existing
|
|
- ✓ Credential management with OpenBao Transit encryption — existing
|
|
- ✓ FastAPI backend with RBAC (viewer/operator/admin/super_admin) — existing
|
|
- ✓ React frontend with device detail pages — existing
|
|
- ✓ Remote access (SSH/WinBox tunneling) — existing (v9.5)
|
|
|
|
### Active
|
|
|
|
- [ ] Periodic config collection via SSH `/export show-sensitive`
|
|
- [ ] Manual backup trigger via API
|
|
- [ ] Config snapshot storage with SHA256 deduplication
|
|
- [ ] Unified diff generation between consecutive snapshots
|
|
- [ ] Structured change parsing (component, summary, raw line)
|
|
- [ ] Config history timeline API endpoints
|
|
- [ ] Full snapshot view/download API
|
|
- [ ] Configuration History section in device UI
|
|
- [ ] Timeline with change summaries and diff viewer
|
|
- [ ] Snapshot download as `.rsc` file
|
|
- [ ] RBAC: operator+ can trigger backups, viewers can read history
|
|
- [ ] Audit logging for snapshot/diff/trigger events
|
|
- [ ] 90-day retention with automatic cleanup
|
|
- [ ] Config text normalization (whitespace, timestamps, line endings)
|
|
|
|
### Out of Scope
|
|
|
|
- Config restore via UI — deferred to future version per spec
|
|
- Non-RouterOS device backup — spec explicitly scopes to RouterOS only
|
|
- Real-time config change detection — polling-based, not event-driven
|
|
|
|
## Context
|
|
|
|
- Poller is Go, runs SSH sessions to RouterOS devices, publishes to NATS
|
|
- Backend is Python/FastAPI with SQLAlchemy + Alembic migrations on PostgreSQL
|
|
- Frontend is React with TanStack Query, component library in `frontend/src/components/`
|
|
- Existing credential flow: poller requests creds from cache, decrypted via OpenBao Transit
|
|
- NATS subjects follow `{domain}.{entity}.{action}` pattern
|
|
- Device detail page already has Metrics and Remote Access sections
|
|
|
|
## Constraints
|
|
|
|
- **Tech stack**: Must use existing Go poller, Python backend, React frontend — no new services
|
|
- **Security**: Snapshots contain sensitive credentials (`show-sensitive`), must be encrypted at rest and RBAC-gated
|
|
- **NATS**: Config snapshots flow through NATS subject `config.snapshot.create`
|
|
- **Database**: New tables via Alembic migrations on existing PostgreSQL
|
|
|
|
## Key Decisions
|
|
|
|
| Decision | Rationale | Outcome |
|
|
|----------|-----------|---------|
|
|
| SSH `/export show-sensitive` for collection | Captures full config including secrets needed for restore | — Pending |
|
|
| SHA256 hash deduplication | Avoid storing identical configs, skip unnecessary diffs | — Pending |
|
|
| Unified diff format | Standard, well-understood, renderable in UI | — Pending |
|
|
| 6-hour default interval | Balance between freshness and SSH overhead | — Pending |
|
|
| NATS for poller→API transport | Consistent with existing poller architecture | — Pending |
|
|
|
|
---
|
|
*Last updated: 2026-03-12 after initialization*
|