Added 1st version of basic configuration script for IOS-XE devices.

2021-04-22 12:37:54 +01:00 · 2021-04-22 12:37:54 +01:00 · d83e12c195
commit d83e12c195
parent 27098c5df0
2 changed files with 118 additions and 10 deletions
--- a/ios_devices/CSR_basic_provisioning.yml
+++ b/ios_devices/CSR_basic_provisioning.yml
@ -0,0 +1,106 @@
+---
+## This playbook configures essential features on IOS-XE for a new router (CSR in this case) 
+## The only requirement is a working SSH connection to the device
+
+- name: Configure essential features on IOS-XE device
+  hosts: homekit
+  gather_facts: false
+  connection: network_cli
+  roles:
+  - common
+
+  tasks:
+
+    #Collect current device information 
+
+    - name: Collect device facts
+      ios_facts:
+        gather_subset: all
+      register: current_config
+
+    - name: Configuring login banner
+      ios_banner:
+        banner: login
+        text: |
+          |--------------------------------------------------------------------------|
+          |                     I M P O R T A N T   N O T I C E                      |
+          |Unauthorised use of this computer system may lead to criminal prosecution.|
+          |If you are not an authorised user, disconnect immediately.                |
+          |Your use of this system may be monitored and/or recorded.                 |
+          |By accessing and using this system you consent to such monitoring for     |
+          |law enforcement and other purposes.                                       |
+          |--------------------------------------------------------------------------|
+        state: present
+
+    - name: Configuring exec banner
+      ios_banner:
+        banner: exec
+        text: |
+          |--------------------------------------------------------------------------|
+          |This device is managed, supported and it's configuration owned by the     |
+          |Virgin Media Business Data Services team in England                       |
+          |--------------------------------------------------------------------------|
+        state: present
+
+    - name: Configuring MOTD banner
+      ios_banner:
+        banner: motd
+        text: |
+          
+          Welcome!
+
+        state: present
+
+    - name: Configuring NTP servers
+      ios_ntp:
+        server: 1.uk.pool.ntp.org	
+        logging: yes
+        state: present
+
+    - name: Configuring logging levels
+      ios_logging:
+        aggregate: 
+        - {dest: buffered, level: notifications, size: 10000}
+        - {dest: console, level: debugging}
+        state: present
+
+    - name: Configuring hostname and domain settings
+      ios_system:
+        hostname: ThinkPad-CSRv
+        domain_name: ThinkPad-CSRv.vladlab.local
+        lookup_enabled: no
+        name_servers:
+        - 192.168.1.1
+        - 8.8.8.8
+
+    - name: Configuring user account for automation jobs
+      ios_user:
+        name: ansible_user
+        hashed_password:
+          type: 9
+          value: $9$CvE4F0G0ZTgz7E$Gj2TQ4HJasemYExfmYnAyJQzkGvLVqlGtcfWt3ZfVcI
+        privilege: 15
+        state: present
+
+    - name: Configuring system settings and commit changes to startup-config
+      ios_config:
+        lines:
+        - service timestamps debug datetime msec localtime show-timezone
+        - service timestamps log datetime msec localtime show-timezone
+        - service tcp-keepalives-in
+        - clock timezone GMT 0 0
+        - clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00
+        - aaa new-model
+        - aaa authentication login default local
+        - aaa authentication enable default enable
+        - aaa authorization config-commands
+        - aaa authorization exec default local
+        - aaa authorization commands 0 default local
+        - aaa authorization commands 15 default local
+        - aaa accounting exec default start-stop logger
+        - aaa accounting commands 0 default start-stop logger
+        - aaa accounting commands 1 default start-stop logger
+        - aaa accounting commands 15 default start-stop logger
+        - aaa accounting system default start-stop logger
+        - aaa session-id common
+        save_when: modified
--- a/ios_devices/roles/common/vars/main.yml
+++ b/ios_devices/roles/common/vars/main.yml
@ -1,11 +1,13 @@
 $ANSIBLE_VAULT;1.1;AES256
-35373731666438323066373934303338663834323031623962343831623733393663346532316133
-6137633963666537306430323662363166636465633761610a666230376431336665643534656432
-62336434616330363232356165363961316530383834326239653936653537643166356436666233
-3039353531356632350a383036363537303364313735653330303361363964386439326462303532
-62383464336336316666663332313538653530376536393130653633316339323430316635306461
-63643033646162383436633937383634616637653862376366353936623539363230303136386233
-34623561303661313732363864663261646562616665653036336635646532643135343939666234
-36323038323333656366643337646262353537353230383862613036613465656566616465623937
-31666130613632393037323333376239663836623036643166386432386466393566333135633164
-6434343461306633333535303865346531656135643733363566
+38336132353035343631653464326665616635363064623564613030383231633135376264306634
+6233303232383865303265363261356632383237373861370a343433333839356534323738646666
+66613065346138356261346362343436366231613131336531653436356363613339643831663836
+3936366331323537370a316639333639646434323937303937626132363730363136613336313763
+61346432323133326665653562663161633661653730613930303133333362643837393636383235
+34333738343261346362616239656264393262343731656566323233316262303866653530393839
+63336536366138633833383534656430373165663439643464376439666337616331343565646363
+61636261383531623535353964626435376336633234343134373865613437363231623839303964
+34356133326664616564623538366536313334626664613939343366326263613334383132383536
+30303334336432353238333231323935313932633562383232303366343466303034613933643964
+35306637663431363932353338633163363966636366366438336431666631363134373964643731
+62333761616334323562