backup

Synopsis

netapi ise backup [OPTIONS]

Description

Triggers an ISE configuration backup to a specified repository. The backup includes policies, endpoints, certificates, and all ISE configuration data.

Options

Option Default Description

--repo, -r

synology-nfs

Repository name (must exist in ISE)

--key, -k

$ISE_BACKUP_KEY

Encryption key (or use env var)

--name, -n

(auto)

Backup name prefix

--desc, -d

(empty)

Backup description

--wait, -w

false

Wait for backup to complete

--timeout, -t

1800

Wait timeout in seconds (30 min)

Examples

Using Environment Variable (Recommended)

Store ISE_BACKUP_KEY in your secrets:

# In dev/storage secrets file:
# @ISE_BACKUP_KEY = YourKey123

# Load credentials
eval "$(DSEC_EVAL_VERIFIED=true dsec source d000 dev/network)"
eval "$(DSEC_EVAL_VERIFIED=true dsec source d000 dev/storage)"

# Run backup
netapi ise backup --repo synology-nfs --name "pre-migration" --wait

With Explicit Key

netapi ise backup --repo synology-nfs --key "MyKey123" --name "daily"

Fire and Forget

# Start backup, don't wait
netapi ise backup --repo synology-nfs --name "scheduled"

# Check status later
netapi ise backup-status

Output

╭─────────────────────────────────────────────────────────╮
│ ISE Configuration Backup                                │
╰─────────────────────────────────────────────────────────╯
  Repository: synology-nfs (NFS)
  Server: 10.50.1.70:/volume1/ise_backups
  Name: pre-migration

✓ Backup initiated successfully
Waiting for backup to complete...
✓ Backup completed: pre-migration-CFG10-260124-1845.tar.gpg

Encryption Key Requirements

Keys must meet ISE requirements:

  • 8-15 characters

  • At least one uppercase [A-Z], lowercase [a-z], and digit [0-9]

  • Only: [A-Za-z0-9_#]

  • Must NOT contain: CcIiSsOo

Generate compliant key:

</dev/urandom tr -dc 'ABDEFGHJKLMNPQRTUVWXYZabdefghjklmnpqrtuvwxyz0123456789_#' | head -c 12 && echo

See Also