Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Backup pfsense (via SSH) using ONE script

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      paklids
      last edited by

      I've finally gotten around to writing a Python Fabric script that logs into my pfsense instances via SSH, generates a backup and pulls that back via SFTP.

      
      #!/usr/bin/python
      #
      # Designed and tested on pfsense v2.2
      #
      import urllib2, base64, getpass, json, re, sys, os
      from fabric.api import *
      from datetime import datetime
      #
      myname = ('root')
      # NOTE: pfsense uses root user that has same password as admin - required for sftp file access
      theList = ['pfsense1.company.com','pfsense2.company.com']
      #
      i = datetime.now()
      now_is = i.strftime('%Y%m%d-%H%M%S')
      today_is = i.strftime('%Y%m%d')
      print now_is
      #
      print ('')
      print ('Username is ' + myname)
      pw = getpass.getpass()
      print ('')
      #
      how_many = len(theList)
      #
      print("This will backup " + str(how_many) + " systems:\n")
      print (theList)
      print ('')
      #
      env.user = myname
      env.hosts = theList
      env.password = pw
      #
      #@parallel(pool_size=5)
      #
      # generate the backup file on the pfsense system itself, this will take some time
      def generate_and_pull_backup():
              env.warn_only = True
      #       run( "8", shell=False )
              backup_command_output = run( "/etc/rc.create_full_backup", shell=False )
      # parse the output of the create_full_backup command
              file_generated_full_path = backup_command_output.rsplit(None, 1)[-1]
              filename_generated = file_generated_full_path.split('/')[-1]
      # pull the backup home to me
              get("%s" % file_generated_full_path,"./my_pfsense_backups/%s/%s-%s" % (today_is,env.host,filename_generated))
      # NOTE: configs can be restored via /etc/rc.restore_full_backup
      #
      # delete config backup just generated so disk does not fill
              run( "rm -f %s" % file_generated_full_path, shell=False )
      #
      if __name__ == '__main__':
              execute(generate_and_pull_backup)
      
      

      For more info you can view my blog that has other Fabric examples: http://paklids.blogspot.com/2015/09/backup-pfsense-firewall-via-ssh-using.html

      Oh, and be sure to enable secure shell in System>Advanced on all the pfsense systems that you would like to connect to.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.