Can I selectively transfer pkg config via backups?
-
I want to transfer HAProxy's config to a dedicated pfSense instance. It should be extremely easy since it spits out its full config from within the GUI, but I like pfSense's GUI for it plus it's finally easier to translate HAProxy's docs into pfSense's version. It's also the default gateway for most servers, it knows how to reach everything and the list goes on making pretty hard to throw that away so, as a compromise, I can split off specific VLANs+HAProxy in a spare pfSense clone I have of the firewall that's already been stripped of the conflicting VLANs, addresses (v4/v6/MAC) and unneeded pkgs and static route between
firewallsfirewall and proxy/router--maybe even redirect on login to HAProxy's section instead of the pfSense Dashboard using HAProxy itself.It's only missing the latest HAProxy config. Can I export a backup and from this strip the sections that are not for HAProxy? I'm asking because the last time(s) I tried this for a third party package, FreeRADIUS, the config appeared to be read (it showed in the GUI in the config files section of FreeRADIUS) but it somehow sort of protected itself and just ignored it. Editing it through SSH didn't work either. :/
-
@skilledinept said in Can I selectively transfer pkg config via backups?:
Editing it through SSH didn't work either. :/
Editing the config ( /conf/config.xml ) on a live system ?
Great chances that edits are not taken in account.
That file is being overwritten (saved !) every time a config change happens in the system. Your edits could be lost when that happens.A better way is to export the file, do your edits, and import the file.
Diagnostics > Backup & Restore > Backup & Restore and save your config. Without the RRD.
Open this exported file with a text editor like Notepad++.Keep in mind that packages like FreeRadius also use/store (example) certificates, so not all the Freeradius settings are stored in
<installedpackages> ...... -
Editing the /conf/config.xml AND deleting the /tmp/config.cache file should work in general.. Then changes should show up in the webgui, and after applying the settings haproxy should just start running. For haproxy i dont see any issue why it wouldn't work.. (besides perhaps some reference to a certificate-ID that might not exist in the current config..) The haproxy config itself is pretty stand alone regarding all the other parts. (unlike some packages that generate certificates/config on first install already) imho the issue with restoring a complete backup file is that it go's trough a reboot which isn't always nice when just adding a package to a production system..
