From da543234a12496e073931f366c39049be4c07ff3 Mon Sep 17 00:00:00 2001 From: Vlad R Date: Wed, 12 Jul 2023 14:50:56 +0000 Subject: [PATCH 1/6] Added playbook for setting up Docker + other usefull services on the NCAFSA VM template. --- dnaclab_linux/prestage_ncafsa_vm_template.yml | 22 ++++++++ dnaclab_linux/prestage_users.yaml | 2 +- .../roles/ncafsa-users/vars/main.yaml | 50 +++++++++---------- .../roles/ncafsa-vm-template/tasks/main.yaml | 47 +++++++++++++++++ 4 files changed, 95 insertions(+), 26 deletions(-) create mode 100644 dnaclab_linux/prestage_ncafsa_vm_template.yml create mode 100644 dnaclab_linux/roles/ncafsa-vm-template/tasks/main.yaml diff --git a/dnaclab_linux/prestage_ncafsa_vm_template.yml b/dnaclab_linux/prestage_ncafsa_vm_template.yml new file mode 100644 index 0000000..bbcb934 --- /dev/null +++ b/dnaclab_linux/prestage_ncafsa_vm_template.yml @@ -0,0 +1,22 @@ +# 12/07/2023 - Sets up the target hosts with the basic necessary packages and Docker and +# adds the users to the Docker group. +--- +- name: Prestage server(s) with the following roles {{ ansible_play_role_names }} + hosts: staging + roles: + - common + - ncafsa-vm-template + - ncafsa-users + become: yes + vars_files: + - global_vars/main.yml + + tasks: + + - name: Send Webex Teams message via BOT to confirm playbook completion + community.general.cisco_webex: + recipient_type: toPersonEmail + recipient_id: "{{ webex_id }}" + msg_type: markdown + personal_token: "{{ webex_token }}" + msg: "**Prestaging has been completed for host {{ inventory_hostname }}.**" \ No newline at end of file diff --git a/dnaclab_linux/prestage_users.yaml b/dnaclab_linux/prestage_users.yaml index 3d7c69e..f127248 100644 --- a/dnaclab_linux/prestage_users.yaml +++ b/dnaclab_linux/prestage_users.yaml @@ -1,6 +1,6 @@ --- - name: Prestage server(s) with the NCA Automation team users - hosts: kubernetes-dev + hosts: staging roles: - ncafsa-users become: yes diff --git a/dnaclab_linux/roles/ncafsa-users/vars/main.yaml b/dnaclab_linux/roles/ncafsa-users/vars/main.yaml index 09d0f94..5a5a406 100644 --- a/dnaclab_linux/roles/ncafsa-users/vars/main.yaml +++ b/dnaclab_linux/roles/ncafsa-users/vars/main.yaml @@ -1,26 +1,26 @@ $ANSIBLE_VAULT;1.1;AES256 -38336538336630386430306665313035623039376166353938363662653765643037656338653730 -3166343061396430326336626332333635316438313536340a353134623836626638663465653631 -35636263393739623736326466616161333832323338653365303466636465383462326239333665 -3863323733646437370a333036613539626134316633633436393364393530613265636539376232 -62633338663131373330323337306664343665666336376534353830316131373339636337396134 -38663332313438303439313632363838353635393630316633623933353035363761366531613537 -32383938656133613961383231316632313231333634353566363430653934653138383465313737 -39396334396663336536666566616336623832316562653265643461396435613166346337616138 -62326639393665303866626332316334633963663636303964613632366162643933343163323133 -38663964613862306331383934333234303630653536323564366563356663666663333630343435 -35313639376164336661623933396664653036316634663831386433383030393232313063666632 -38363637363332646436313966383466656538336566326136343964353934653965336562643635 -30343631366563343739373462343434636338393564613736313539303933303035326539366235 -66313133336636653865376263326433353332303435336634356262316166613533663636643066 -33386432313639316233366134306263613665363632316664613134323633393464666330393233 -30366538326237383036363836656535323636313934613239616136386538643139616665356664 -64376433353362346163623938653539613436383465333733663161383964623765653534666236 -34656331393837306564623131363131383530386433326533633638363366366130393638643262 -64626463626566653864323565323265306437636162353631666463316532346466326464636264 -66383433646131393963346664353165666237306665616230646536616531353161666433353332 -36646636663265633761636134613765346665353863333864333931316339353333356537663830 -36343636303635353766626531313537303134306332326563376337353733336137636433666362 -37326463333838343135393430393831383536646464353135636532373438656366303664323562 -38343438626635326636346336383034376337353237393065386530643466663733626564303036 -6537 +63616133626234653365316361623861623664336263343332373439326135383930613839663133 +6462633664616563316263663430366231396634363465650a656430616139313938373832333332 +33623733393732376134636564356138303463333662326162393238326566343265373763646239 +3064326661643134360a313335613133396164353435336330643035393430303135646361386433 +35366534383962326536343531613261626433613631623233383238646565396337366634343439 +30633462653730613534386338653062383466326666633738303031363339646361656132303133 +38333139663963616632363436353431326231343164313661613431386235633734666266643837 +62623265326334613238356462633334613037643262626238333334666436393333393937633034 +38666566636330303632636637383731336161313639386336633964323637373137343032333761 +66613537396630373133646130316230363335653231633033376334633236613762336136346434 +32346166376363336463633234326166653763393732646232626461376536346266346633633266 +31366535366233663439306261383963666463633034643366346132396435303430636466656565 +34326334383661393737363666326434643031373562396534313033313136666133343963356239 +35333062636466643630653535666661653534353461633037326435626537393466353832366638 +39383764643339653266323533623166303434613739393466333362653563366366393135373039 +62393133333839663666646362663235666634303439653664316536386532363531376161396463 +38383363363163656663356336336331366439626634643466623463333030636238353961623234 +64646230323235646136646262363634306135613637323533383038643764323432376139396631 +32373837666335653530383530613137393637316532663534376164646131636138333162363339 +34666631623838666337356133643964363966306239323561636237343662626361656434353034 +31383238356137656465363866633631343435363936646264333263313964666437663734616462 +34366539636234326264346261383262353739356530336138643161383463343836623435376364 +61633932353863323336353963356363376337643930373131383935636332643832646330376363 +36613130623634356232336637373565613635366137353637386662653137323166666565393665 +3637 diff --git a/dnaclab_linux/roles/ncafsa-vm-template/tasks/main.yaml b/dnaclab_linux/roles/ncafsa-vm-template/tasks/main.yaml new file mode 100644 index 0000000..f374262 --- /dev/null +++ b/dnaclab_linux/roles/ncafsa-vm-template/tasks/main.yaml @@ -0,0 +1,47 @@ +--- +- name: Install aptitude + ansible.builtin.apt: + name: aptitude + state: latest + update_cache: true + +- name: Install required packages + ansible.builtin.apt: + pkg: + - apt-transport-https + - ca-certificates + - curl + - software-properties-common + - python3-pip + - virtualenv + - python3-setuptools + state: latest + update_cache: true + +- name: Add Docker GPG apt Key + ansible.builtin.apt_key: + url: https://download.docker.com/linux/ubuntu/gpg + state: present + +- name: Add Docker Repository + ansible.builtin.apt_repository: + repo: deb https://download.docker.com/linux/ubuntu focal stable + state: present + +- name: Update apt and install docker-ce + ansible.builtin.apt: + name: docker-ce + state: latest + update_cache: true + +- name: Run default container to test Docker install + community.docker.docker_container: + name: test_container + image: hello-world + state: present + +- name: Add users to Docker group (allows running Docker commands without sudo) + ansible.builtin.user: + name: "{{ item.key }}" + groups: "sudo, docker" + loop: "{{ lookup('dict', users) }}" \ No newline at end of file From e9dc88f33d400a24f868f190bced3998e4f88191 Mon Sep 17 00:00:00 2001 From: Vlad R Date: Wed, 2 Aug 2023 07:56:40 +0000 Subject: [PATCH 2/6] Added Ansible Tower host to inventory + added step to ensure SUDO group exists for the prestage_users playbook --- dnaclab_linux/inventory.yml | 5 ++++- dnaclab_linux/prestage_users.yaml | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/dnaclab_linux/inventory.yml b/dnaclab_linux/inventory.yml index 852b722..cec2744 100644 --- a/dnaclab_linux/inventory.yml +++ b/dnaclab_linux/inventory.yml @@ -10,6 +10,9 @@ all: gitlab: hosts: gitlab.dnaclab.net: + ansibletower: + hosts: + ansibletower.dnaclab.net: kubernetes: hosts: 10.221.0.130: @@ -20,7 +23,7 @@ all: 10.221.0.105: developer2: hosts: - 10.221.0.125: + developer2.dnaclab.net: kubernetes_dev: hosts: 172.16.1.130: diff --git a/dnaclab_linux/prestage_users.yaml b/dnaclab_linux/prestage_users.yaml index f127248..9ea61f8 100644 --- a/dnaclab_linux/prestage_users.yaml +++ b/dnaclab_linux/prestage_users.yaml @@ -1,6 +1,6 @@ --- - name: Prestage server(s) with the NCA Automation team users - hosts: staging + hosts: ansibletower roles: - ncafsa-users become: yes From 66e8d1fc0303879c0d0c2fabe4746d9b2a50931b Mon Sep 17 00:00:00 2001 From: Vlad R Date: Wed, 2 Aug 2023 08:33:03 +0000 Subject: [PATCH 3/6] Improved the prestage_users playbook --- dnaclab_linux/prestage_users.yaml | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/dnaclab_linux/prestage_users.yaml b/dnaclab_linux/prestage_users.yaml index 9ea61f8..80e5f5d 100644 --- a/dnaclab_linux/prestage_users.yaml +++ b/dnaclab_linux/prestage_users.yaml @@ -9,7 +9,23 @@ tasks: - - name: Configure NCA Automation team users for server access + - name: Check if OS is RHEL or other + ansible.builtin.stat: + path: "/etc/redhat-release" + register: outcome + + - name: Configure NCA Automation team users for server access (RHEL only) + ansible.builtin.user: + name: "{{ item.key }}" + comment: "Added via Ansible" + home: "/home/{{ item.key }}" + shell: "/bin/bash" + group: "wheel" + password: "{{ item.value }}" + loop: "{{ lookup('dict', users) }}" + when: outcome.stat.exists + + - name: Configure NCA Automation team users for server access (non-RHEL) ansible.builtin.user: name: "{{ item.key }}" comment: "Added via Ansible" @@ -18,3 +34,4 @@ group: "sudo" password: "{{ item.value }}" loop: "{{ lookup('dict', users) }}" + when: not outcome.stat.exists From 128fb50e36f97fdc8bf50274bcec5a95cc6db35f Mon Sep 17 00:00:00 2001 From: Vlad R Date: Wed, 2 Aug 2023 13:15:36 +0000 Subject: [PATCH 4/6] CHanged the target for the get_logs playbook --- dnaclab_linux/get_logs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dnaclab_linux/get_logs.yml b/dnaclab_linux/get_logs.yml index 9709b1d..a4f386a 100644 --- a/dnaclab_linux/get_logs.yml +++ b/dnaclab_linux/get_logs.yml @@ -1,6 +1,6 @@ --- - name: Copy the contents of the "/var/log" folder to the Ansible controller - hosts: all_servers + hosts: all become: yes tasks: From 5d8d76fa5cdcfe228852e4c635a5c899c1941f72 Mon Sep 17 00:00:00 2001 From: Vlad R Date: Mon, 14 Aug 2023 07:51:55 +0000 Subject: [PATCH 5/6] Added some examples of accessing nested variables --- dnaclab_linux/get_logs.yml | 10 ++--- testing/inner.yml | 7 ++++ testing/variable-test.yml | 85 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 97 insertions(+), 5 deletions(-) create mode 100644 testing/inner.yml create mode 100644 testing/variable-test.yml diff --git a/dnaclab_linux/get_logs.yml b/dnaclab_linux/get_logs.yml index a4f386a..852b7f1 100644 --- a/dnaclab_linux/get_logs.yml +++ b/dnaclab_linux/get_logs.yml @@ -9,11 +9,11 @@ ansible.builtin.shell: "cd /var/log; find . -maxdepth 1 -type f | cut -d'/' -f2" register: files_to_copy - - name: Copy the log files - ansible.builtin.fetch: - src: /var/log/{{ item }} - dest: /home/vlad/Desktop/ansible/dnaclab_linux/logs/ - with_items: "{{ files_to_copy.stdout_lines }}" + # - name: Copy the log files + # ansible.builtin.fetch: + # src: /var/log/{{ item }} + # dest: /home/vlad/Desktop/ansible/dnaclab_linux/logs/ + # with_items: "{{ files_to_copy.stdout_lines }}" diff --git a/testing/inner.yml b/testing/inner.yml new file mode 100644 index 0000000..b3683dd --- /dev/null +++ b/testing/inner.yml @@ -0,0 +1,7 @@ +- name: Print outer and inner items + ansible.builtin.debug: + msg: "outer item={{ outer_item }} inner item={{ item }}" + loop: + - a + - b + - c \ No newline at end of file diff --git a/testing/variable-test.yml b/testing/variable-test.yml new file mode 100644 index 0000000..e4e1620 --- /dev/null +++ b/testing/variable-test.yml @@ -0,0 +1,85 @@ +- name: Testing how to access variables + hosts: localhost + gather_facts: false + vars: + test_1: + - name: vlan 20 + id: 20 + svi_ip_peer_1: 192.168.77.1/24 + svi_ip_peer_2: 192.168.77.2/24 + portchannel_id: 20 + portchannel_interfaces_peer_1: + name: port-channel20 + members: + - Eth1/5 + - Eth1/6 + mode: on + switchport_mode: access + portchannel_interfaces_peer_2: + name: port-channel20 + members: + - Eth1/5 + - Eth1/6 + mode: on + switchport_mode: access + hsrp_group: 20 + hsrp_vip: 192.168.77.254 + hsrp_preempt: enabled + hsrp_priority_peer_1: 105 + hsrp_priority_peer_2: 100 + - name: vlan 30 + id: 20 + svi_ip_peer_1: 192.168.77.1/24 + svi_ip_peer_2: 192.168.77.2/24 + portchannel_id: 20 + portchannel_interfaces_peer_1: + name: port-channel20 + members: + - Eth1/7 + - Eth1/8 + mode: on + switchport_mode: access + portchannel_interfaces_peer_2: + name: port-channel20 + members: + - Eth1/7 + - Eth1/8 + mode: on + switchport_mode: access + hsrp_group: 20 + hsrp_vip: 192.168.77.254 + hsrp_preempt: enabled + hsrp_priority_peer_1: 105 + hsrp_priority_peer_2: 100 + test_2: "{{ test_1 | map(attribute='portchannel_interfaces_peer_1') | map(attribute='members') }}" + + tasks: + + - name: Print var + ansible.builtin.debug: + var: test_2 + + - name: Print "portchannel_interfaces_peer_1" + ansible.builtin.debug: + msg: "{{ item }}" + loop: + "{{ test_1 | map(attribute='portchannel_interfaces_peer_1')}}" + + - name: Print "members" + ansible.builtin.debug: + msg: "{{ item }}" + loop: + "{{ test_1 | map(attribute='portchannel_interfaces_peer_1') | map(attribute='members')}}" + + # - name: Set members peer 1 + # ansible.builtin.set_fact: + # peer_1_vpc_interfaces: "{{ item }}" + # cacheable: yes + # loop: + # "{{ test_1 | map(attribute='portchannel_interfaces_peer_1') | map(attribute='members') }}" + + - name: Print member interfaces + ansible.builtin.debug: + msg: "{{ item[1] }}" + loop: + "{{ test_1 | map(attribute='portchannel_interfaces_peer_1') | subelements('members') }}" \ No newline at end of file From 2f092d625c72b0d7b08f8ed8a92895da1228f73f Mon Sep 17 00:00:00 2001 From: Vlad R Date: Mon, 13 Nov 2023 15:18:28 +0000 Subject: [PATCH 6/6] Added playbooks for provisioning a backup server with SFTP, TFTP, SCP, OMG, WTF --- dnaclab_linux/inventory.yml | 16 +-- dnaclab_linux/prestage_backup.yml | 8 ++ dnaclab_linux/prestage_users.yaml | 2 +- .../roles/ncafsa-backup/tasks/main.yaml | 45 ++++++ .../ncafsa-backup/templates/sftp.conf.j2 | 131 ++++++++++++++++++ .../roles/ncafsa-backup/vars/main.yaml | 6 + dnaclab_linux/update.yml | 2 +- ios_devices/device_audit.yml | 4 +- ios_devices/inventory.yml | 3 +- ios_devices/roles/common/vars/main.yml | 26 ++-- 10 files changed, 215 insertions(+), 28 deletions(-) create mode 100644 dnaclab_linux/prestage_backup.yml create mode 100644 dnaclab_linux/roles/ncafsa-backup/tasks/main.yaml create mode 100644 dnaclab_linux/roles/ncafsa-backup/templates/sftp.conf.j2 create mode 100644 dnaclab_linux/roles/ncafsa-backup/vars/main.yaml diff --git a/dnaclab_linux/inventory.yml b/dnaclab_linux/inventory.yml index cec2744..f91be53 100644 --- a/dnaclab_linux/inventory.yml +++ b/dnaclab_linux/inventory.yml @@ -1,29 +1,25 @@ --- all: children: - services: + services_hosts: hosts: ubuntu.dnaclab.net: - developer: + staging.dnaclab.net: + developer_hosts: hosts: developer.dnaclab.net: + developer2.dnaclab.net: gitlab: hosts: gitlab.dnaclab.net: - ansibletower: + backup_hosts: hosts: - ansibletower.dnaclab.net: + backups.dnaclab.net: kubernetes: hosts: 10.221.0.130: 10.221.0.131: 10.221.0.132: - staging: - hosts: - 10.221.0.105: - developer2: - hosts: - developer2.dnaclab.net: kubernetes_dev: hosts: 172.16.1.130: diff --git a/dnaclab_linux/prestage_backup.yml b/dnaclab_linux/prestage_backup.yml new file mode 100644 index 0000000..eb6edbc --- /dev/null +++ b/dnaclab_linux/prestage_backup.yml @@ -0,0 +1,8 @@ +--- +- name: Prestage server(s) with the NCA Automation team users + hosts: backup_hosts + roles: + - ncafsa-backup + become: yes + vars_files: + - global_vars/main.yml \ No newline at end of file diff --git a/dnaclab_linux/prestage_users.yaml b/dnaclab_linux/prestage_users.yaml index 80e5f5d..236165d 100644 --- a/dnaclab_linux/prestage_users.yaml +++ b/dnaclab_linux/prestage_users.yaml @@ -1,6 +1,6 @@ --- - name: Prestage server(s) with the NCA Automation team users - hosts: ansibletower + hosts: backup_hosts roles: - ncafsa-users become: yes diff --git a/dnaclab_linux/roles/ncafsa-backup/tasks/main.yaml b/dnaclab_linux/roles/ncafsa-backup/tasks/main.yaml new file mode 100644 index 0000000..a23b909 --- /dev/null +++ b/dnaclab_linux/roles/ncafsa-backup/tasks/main.yaml @@ -0,0 +1,45 @@ +--- +- name: Create account for backup services + ansible.builtin.user: + name: "{{ item }}" + password: "{{ password }}" + shell: /bin/bash + loop: "{{ services }}" + +- name: Create backup directory tree + ansible.builtin.file: + path: "/backups/{{ item }}" + state: directory + owner: "{{ item }}" + group: "{{ item }}" + loop: "{{ services }}" + +- name: Install NFS, SFTP and TFTP services + ansible.builtin.apt: + name: "{{ item }}" + state: present + loop: + - nfs-kernel-server + - openssh-server + - tftpd-hpa + +- name: Configure SFTP for ISE backups + ansible.builtin.template: + src: sftp.conf.j2 + dest: /etc/ssh/sshd_config + vars: + user: "ise" + +- name: Fix permissions for SFTP folder + ansible.builtin.file: + path: "/backups/{{ user }}" + state: directory + owner: root + group: root + vars: + user: "ise" + +- name: Restart SSH service (allows SFTP changes to work) + ansible.builtin.service: + name: ssh + state: restarted \ No newline at end of file diff --git a/dnaclab_linux/roles/ncafsa-backup/templates/sftp.conf.j2 b/dnaclab_linux/roles/ncafsa-backup/templates/sftp.conf.j2 new file mode 100644 index 0000000..ba64370 --- /dev/null +++ b/dnaclab_linux/roles/ncafsa-backup/templates/sftp.conf.j2 @@ -0,0 +1,131 @@ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +Include /etc/ssh/sshd_config.d/*.conf + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +#PermitRootLogin prohibit-password +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# Expect .ssh/authorized_keys2 to be disregarded by default in future. +#AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2 + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +#PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to yes to enable challenge-response passwords (beware issues with +# some PAM modules and threads) +KbdInteractiveAuthentication no + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes +#GSSAPIStrictAcceptorCheck yes +#GSSAPIKeyExchange no + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +PrintMotd no +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# Allow client to pass locale environment variables +AcceptEnv LANG LC_* + +# override default of no subsystems +Subsystem sftp /usr/lib/openssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server + +Match User {{ user }} + ForceCommand internal-sftp + PasswordAuthentication yes + ChrootDirectory /backups/{{ user }} + PermitTunnel no + AllowAgentForwarding no + AllowTcpForwarding no + X11Forwarding no \ No newline at end of file diff --git a/dnaclab_linux/roles/ncafsa-backup/vars/main.yaml b/dnaclab_linux/roles/ncafsa-backup/vars/main.yaml new file mode 100644 index 0000000..bc61a0f --- /dev/null +++ b/dnaclab_linux/roles/ncafsa-backup/vars/main.yaml @@ -0,0 +1,6 @@ +services: + - dnac + - ise + - tftp + - other +password: $6$rounds=656000$mysecretsalt$VvhQ/hNVWpgVuv9MXN0zFAGMLloWYezEPvgG/oyFsaTJxmiZWintigtbssQ8zRdH4CjkB6obYcAOASlw2yutl/ \ No newline at end of file diff --git a/dnaclab_linux/update.yml b/dnaclab_linux/update.yml index d9c5799..abc12cf 100644 --- a/dnaclab_linux/update.yml +++ b/dnaclab_linux/update.yml @@ -1,6 +1,6 @@ --- - name: Update and upgrade packages on Ubuntu VMs - hosts: kubernetes-dev + hosts: backup_hosts become: yes vars_files: - global_vars/main.yml diff --git a/ios_devices/device_audit.yml b/ios_devices/device_audit.yml index f4f764c..1a10d6f 100644 --- a/ios_devices/device_audit.yml +++ b/ios_devices/device_audit.yml @@ -3,7 +3,7 @@ ## for devices which feature VRFs or multi-instance capabilities. - name: Audit devices and print key information - hosts: baguleykit + hosts: evengkit gather_facts: false connection: network_cli roles: @@ -47,4 +47,4 @@ - name: Print device information debug: - var: runtime_information.stdout_lines[4] \ No newline at end of file + var: runtime_information.stdout_lines[4] diff --git a/ios_devices/inventory.yml b/ios_devices/inventory.yml index 0f9aeb0..66efe92 100644 --- a/ios_devices/inventory.yml +++ b/ios_devices/inventory.yml @@ -7,4 +7,5 @@ homekit: 192.168.1.60: evengkit: hosts: - 172.16.1.239: + 10.3.0.101: + 10.3.0.102: diff --git a/ios_devices/roles/common/vars/main.yml b/ios_devices/roles/common/vars/main.yml index 6fe80ab..55850c6 100644 --- a/ios_devices/roles/common/vars/main.yml +++ b/ios_devices/roles/common/vars/main.yml @@ -1,14 +1,14 @@ $ANSIBLE_VAULT;1.1;AES256 -36666363353431303563373132653732303830323865333734636561616465306661346338393766 -3462656233353031396533363133386439363133363563310a336263303535363666653838393835 -39303964323662653463633933336434396234653738343636373566636365363265333062656532 -3030383335306537320a616262613366303235643331616166643932306164636235393530636163 -33666163663931636363353831316564333931663763613130363766666363313534623166313631 -32636162646334343439623566353063373633306537313864613637373730393561626635323536 -64393730386432356337373637343834313634386430643137343463306135653939303931333666 -61653266663230323437343433626330303433656335363963356339356134653933646264383439 -61613730353761316332633961343939653863326639343164623261303939396561333262326337 -35333437653136653434393265333165666365353765666662396434303933623564346232653331 -32386339646266343764646462653336356261376235626263653430636436306235623035396366 -32363130613536353835613430643865346630366434353032366565353535313536653463313134 -3532 +35393738393862623261626334653837633235366266636332383535623733343636613830303634 +3464643164383564393538643832656133373637306563660a323862313736353430623532306336 +36363165646565643038663938633131343637613238646562323865633065653438656630626339 +3332633937373237380a623238623137396637623137373765333936376535313731326139633266 +61303937626264383735383361653532396338626332383362306634616136303030353963653232 +39313837346634663431323139666632393733643663313131306535656161383334383233373031 +39386533636163666531633733303564393937323664633232626565623931326332386436366239 +63353164363864613366663161326434366638633535643565346462346136343039633531363766 +61323131626361386363613338656362353436313530383562373439663034333933323330386638 +36303434366238373335633165343737373632643838663264376536653837633331643738323039 +66376636666462616137633762376230333639346631336231313336373330393439356539373762 +38613038636366613634396263303238666535386138626363373065353136323163393534663830 +3063