All over the web as I’ve studied my CCNP certifications I would hear about a router/switch configuration backup server called RANCID, and so last week I decided to install and test it for myself and see if it lived up to the hype from the web.
I decided to use CentOS 6.2 for the new server and began following the amazing guide by Steve Smith located http://www.shrubbery.net/rancid/SteveSmithFedora15.pdf
While the guide was made for Fedora, the differences between that and CentOS were negligible and after an hour or two of configuring and small tweaks(group apache instead of www etc.) I had a running RANCID server!
But wait, this couldn’t be the famous RANCID server I heard so much about… it looked straight out of the 90s and had no http security to speak of. Anyone with the url could just get right into the server and start pulling router configs! Not good.
That’s when I found Rob Maaseu’s blog post about beautifying RANCID with websvn: http://www.progob.nl/robmaaseu/?p=179
I followed his short guide and tweaked it for CentOS and in under 30 minutes had a much more beautiful RANCID webpage greeting me:
now this is the RANCID I thought people were talking about for their config version control! But I still had one issue left… anyone could still just point to the URL and access my router and switch configurations!
Time to implement basic authentication through Apache, I followed the quick guide http://www.cyberciti.biz/faq/howto-setup-apache-password-protect-directory-with-htaccess-file/
And created a user/password for all webpages on my RANCID server, so that only those authorized could access the config files.
Wonderful! A login prompt to be proud of.
Why websvn and basic authentication configuration guides are not displayed on RANCID’s site, and why they are not considered essential to getting a RANCID server up I don’t know… but the combination of the three guides above got me an amazing new server that keeps track of all of my router configs automatically and it was well worth the investment in the initial setup.