Fortigate config management in Github

After Github opened its free repository function to free users, I’m using Github private repository to store lots of my applications config file. I usually don’t use version management because they usually never changes after initial deployment. However, especially while I write blog post I need to make changes just to check the functionality. And sometimes I forgot to rollback config and need to check manually on the device.

In this post, I show you how to integrate Fortigate config backup script and Github API. And in the next post I will deploy them in CloudFunction so that it can be invoked by Fortigate automation stitch.


1. Fortigate Config Copy

I’m going to deploy this in Google Cloud Function in the end, so I don’t want to store any files in there. I modified config_backup() function and created backup_copy(), both are almost the same, but copy function returns config text instead of save one.

2. Github file update

You need to provide API token to use this function, which you can generate at personal access tokens. Please make sure that repository you are going to use is private. I save this script as ‘github_custom.py’.

3. Test

To test this, I use interactive mode.

Once completed, you can log into Github.com and check if the file is successfully updated. And you can compare the latest config with the previous version.

Fortigateのコンフィグの取得とGithub上での世代管理ができるようになります。