From d83e12c195f633615c759cb8bf02e1199ab00d50 Mon Sep 17 00:00:00 2001 From: Vlad Raducanu Date: Thu, 22 Apr 2021 12:37:54 +0100 Subject: [PATCH] Added 1st version of basic configuration script for IOS-XE devices. --- ios_devices/CSR_basic_provisioning.yml | 106 +++++++++++++++++++++++++ ios_devices/roles/common/vars/main.yml | 22 ++--- 2 files changed, 118 insertions(+), 10 deletions(-) create mode 100644 ios_devices/CSR_basic_provisioning.yml diff --git a/ios_devices/CSR_basic_provisioning.yml b/ios_devices/CSR_basic_provisioning.yml new file mode 100644 index 0000000..a4219d5 --- /dev/null +++ b/ios_devices/CSR_basic_provisioning.yml @@ -0,0 +1,106 @@ +--- +## This playbook configures essential features on IOS-XE for a new router (CSR in this case) +## The only requirement is a working SSH connection to the device + +- name: Configure essential features on IOS-XE device + hosts: homekit + gather_facts: false + connection: network_cli + roles: + - common + + tasks: + + #Collect current device information + + - name: Collect device facts + ios_facts: + gather_subset: all + register: current_config + + - name: Configuring login banner + ios_banner: + banner: login + text: | + |--------------------------------------------------------------------------| + | I M P O R T A N T N O T I C E | + |Unauthorised use of this computer system may lead to criminal prosecution.| + |If you are not an authorised user, disconnect immediately. | + |Your use of this system may be monitored and/or recorded. | + |By accessing and using this system you consent to such monitoring for | + |law enforcement and other purposes. | + |--------------------------------------------------------------------------| + state: present + + - name: Configuring exec banner + ios_banner: + banner: exec + text: | + |--------------------------------------------------------------------------| + |This device is managed, supported and it's configuration owned by the | + |Virgin Media Business Data Services team in England | + |--------------------------------------------------------------------------| + state: present + + - name: Configuring MOTD banner + ios_banner: + banner: motd + text: | + + Welcome! + + state: present + + - name: Configuring NTP servers + ios_ntp: + server: 1.uk.pool.ntp.org + logging: yes + state: present + + - name: Configuring logging levels + ios_logging: + aggregate: + - {dest: buffered, level: notifications, size: 10000} + - {dest: console, level: debugging} + state: present + + - name: Configuring hostname and domain settings + ios_system: + hostname: ThinkPad-CSRv + domain_name: ThinkPad-CSRv.vladlab.local + lookup_enabled: no + name_servers: + - 192.168.1.1 + - 8.8.8.8 + + - name: Configuring user account for automation jobs + ios_user: + name: ansible_user + hashed_password: + type: 9 + value: $9$CvE4F0G0ZTgz7E$Gj2TQ4HJasemYExfmYnAyJQzkGvLVqlGtcfWt3ZfVcI + privilege: 15 + state: present + + - name: Configuring system settings and commit changes to startup-config + ios_config: + lines: + - service timestamps debug datetime msec localtime show-timezone + - service timestamps log datetime msec localtime show-timezone + - service tcp-keepalives-in + - clock timezone GMT 0 0 + - clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00 + - aaa new-model + - aaa authentication login default local + - aaa authentication enable default enable + - aaa authorization config-commands + - aaa authorization exec default local + - aaa authorization commands 0 default local + - aaa authorization commands 15 default local + - aaa accounting exec default start-stop logger + - aaa accounting commands 0 default start-stop logger + - aaa accounting commands 1 default start-stop logger + - aaa accounting commands 15 default start-stop logger + - aaa accounting system default start-stop logger + - aaa session-id common + save_when: modified \ No newline at end of file diff --git a/ios_devices/roles/common/vars/main.yml b/ios_devices/roles/common/vars/main.yml index 5af2e7d..c4492a0 100644 --- a/ios_devices/roles/common/vars/main.yml +++ b/ios_devices/roles/common/vars/main.yml @@ -1,11 +1,13 @@ $ANSIBLE_VAULT;1.1;AES256 -35373731666438323066373934303338663834323031623962343831623733393663346532316133 -6137633963666537306430323662363166636465633761610a666230376431336665643534656432 -62336434616330363232356165363961316530383834326239653936653537643166356436666233 -3039353531356632350a383036363537303364313735653330303361363964386439326462303532 -62383464336336316666663332313538653530376536393130653633316339323430316635306461 -63643033646162383436633937383634616637653862376366353936623539363230303136386233 -34623561303661313732363864663261646562616665653036336635646532643135343939666234 -36323038323333656366643337646262353537353230383862613036613465656566616465623937 -31666130613632393037323333376239663836623036643166386432386466393566333135633164 -6434343461306633333535303865346531656135643733363566 +38336132353035343631653464326665616635363064623564613030383231633135376264306634 +6233303232383865303265363261356632383237373861370a343433333839356534323738646666 +66613065346138356261346362343436366231613131336531653436356363613339643831663836 +3936366331323537370a316639333639646434323937303937626132363730363136613336313763 +61346432323133326665653562663161633661653730613930303133333362643837393636383235 +34333738343261346362616239656264393262343731656566323233316262303866653530393839 +63336536366138633833383534656430373165663439643464376439666337616331343565646363 +61636261383531623535353964626435376336633234343134373865613437363231623839303964 +34356133326664616564623538366536313334626664613939343366326263613334383132383536 +30303334336432353238333231323935313932633562383232303366343466303034613933643964 +35306637663431363932353338633163363966636366366438336431666631363134373964643731 +62333761616334323562