118 lines
4.1 KiB
YAML
Executable File
118 lines
4.1 KiB
YAML
Executable File
---
|
|
## This playbook configures essential features on IOS-XE for a new router (CSR in this case)
|
|
## The only requirement is a working SSH connection to the device
|
|
|
|
- name: Configure essential features on IOS-XE device
|
|
hosts: baguleykit
|
|
gather_facts: false
|
|
connection: network_cli
|
|
roles:
|
|
- common
|
|
|
|
tasks:
|
|
|
|
#Collect current device information
|
|
|
|
- name: Collect current device facts
|
|
cisco.ios.ios_facts:
|
|
gather_subset: all
|
|
register: current_config
|
|
|
|
- name: Configuring login banner
|
|
cisco.ios.ios_banner:
|
|
banner: login
|
|
text: |
|
|
|--------------------------------------------------------------------------|
|
|
| I M P O R T A N T N O T I C E |
|
|
|Unauthorised use of this computer system may lead to criminal prosecution.|
|
|
|If you are not an authorised user, disconnect immediately. |
|
|
|Your use of this system may be monitored and/or recorded. |
|
|
|By accessing and using this system you consent to such monitoring for |
|
|
|law enforcement and other purposes. |
|
|
|--------------------------------------------------------------------------|
|
|
state: present
|
|
|
|
- name: Configuring exec banner
|
|
cisco.ios.ios_banner:
|
|
banner: exec
|
|
text: |
|
|
|--------------------------------------------------------------------------|
|
|
|This device is managed, supported and its configuration is owned by the |
|
|
|Virgin Media Business Near Core Activations team in England. |
|
|
|--------------------------------------------------------------------------|
|
|
state: present
|
|
|
|
- name: Configuring MOTD banner
|
|
cisco.ios.ios_banner:
|
|
banner: motd
|
|
text: |
|
|
|
|
Welcome to the Near Core Activations network infrastructure!
|
|
|
|
state: present
|
|
|
|
- name: Configuring NTP servers
|
|
cisco.ios.ios_ntp_global:
|
|
config:
|
|
logging: true
|
|
servers:
|
|
- server: uk.pool.ntp.org
|
|
version: 2
|
|
- server: 172.16.1.112
|
|
version: 2
|
|
state: merged
|
|
|
|
- name: Configuring logging levels
|
|
cisco.ios.ios_logging_global:
|
|
config:
|
|
buffered:
|
|
severity: notifications
|
|
size: 8096
|
|
console:
|
|
severity: errors
|
|
state: merged
|
|
|
|
- name: Configuring hostname and domain settings
|
|
cisco.ios.ios_system:
|
|
hostname: "ANSIBLE-{{ current_config.ansible_facts.ansible_net_model }}"
|
|
domain_name: siplab.net
|
|
lookup_enabled: yes
|
|
name_servers:
|
|
- 10.30.10.250
|
|
- 8.8.8.8
|
|
|
|
- name: Configuring console and VTY settings
|
|
cisco.ios.ios_config:
|
|
lines:
|
|
- authorization exec default
|
|
- login authentication default
|
|
- logging synchronous
|
|
parents:
|
|
- "{{ item }}"
|
|
with_items:
|
|
- line vty 0 15
|
|
- line con 0
|
|
|
|
- name: Configuring final system settings [AAA, services, timezone] and committing changes to startup-config
|
|
cisco.ios.ios_config:
|
|
lines:
|
|
- service timestamps debug datetime msec localtime show-timezone
|
|
- service timestamps log datetime msec localtime show-timezone
|
|
- service tcp-keepalives-in
|
|
- clock timezone GMT 0 0
|
|
- clock summer-time BST recurring last Sun Mar 1:00 last Sun Oct 2:00
|
|
- aaa new-model
|
|
- aaa authentication login default local
|
|
- aaa authentication enable default enable
|
|
- aaa authorization config-commands
|
|
- aaa authorization exec default local
|
|
- aaa authorization commands 0 default local
|
|
- aaa authorization commands 15 default local
|
|
- aaa accounting exec default start-stop logger
|
|
- aaa accounting commands 0 default start-stop logger
|
|
- aaa accounting commands 1 default start-stop logger
|
|
- aaa accounting commands 15 default start-stop logger
|
|
- aaa accounting system default start-stop logger
|
|
- aaa session-id common
|
|
save_when: modified
|