JensWH/netz39-infra-ansible
1
0
Fork 0
forked from Netz39_Admin/netz39-infra-ansible
Code Pull requests Activity

Compare commits

merge into: JensWH:master
Branches Tags
JensWH:master
JensWH:renovate/renovate-renovate-38.x
JensWH:renovate/grafana-grafana-11.x
JensWH:renovate/grafana-grafana-10.x
JensWH:renovate/jacobalberty-unifi-8.x
JensWH:renovate/community.grafana-2.x
JensWH:renovate/mysql-9.x
JensWH:wittgenstein
JensWH:sig-neuer-router
JensWH:feat/cisco-switch
...
pull from: JensWH:feat/cisco-switch
Branches Tags
JensWH:master
JensWH:renovate/renovate-renovate-38.x
JensWH:renovate/grafana-grafana-11.x
JensWH:renovate/grafana-grafana-10.x
JensWH:renovate/jacobalberty-unifi-8.x
JensWH:renovate/community.grafana-2.x
JensWH:renovate/mysql-9.x
JensWH:wittgenstein
JensWH:sig-neuer-router
JensWH:feat/cisco-switch

7 commits
master ... feat/cisco

Author SHA1 Message Date
timherrm
eebdf0b360 feat: move port and vlan definition to variables 2023-07-15 12:17:03 +02:00
David Kilias
7846e91e6b feat: save changes to nonvolatile memory 2023-07-14 22:52:02 +02:00
David Kilias
a454932328 feat: add port assignment 2023-07-14 22:44:02 +02:00
David Kilias
3fff171180 feat: configure vlan 2023-07-14 22:05:57 +02:00
David Kilias
77c2d6aa04 feat add switch login banner 2023-07-14 21:47:25 +02:00
David Kilias
d211caae89 rename switch host 2023-07-14 21:31:23 +02:00
David Kilias
a9567bd31d feat: add initial work to configure cisco router 2023-07-13 23:44:00 +02:00
7 changed files with 450 additions and 0 deletions
Show stats Expand all files Collapse all files

1
.gitignore vendored Normal file
View file

@ -0,0 +1 @@
vault-pass

97
device-cisco-2960-1.yml Normal file
View file

@ -0,0 +1,97 @@
---
- hosts: cisco-2960-1.n39.eu
become: true
tasks:
- name: configure login banner
cisco.ios.ios_banner:
banner: login
text: "Documentation here: https://wiki.netz39.de/internal:inventory:network:2960s-24td-l"
state: present
- name: configure vlans
cisco.ios.ios_vlans:
config:
- name: lan
vlan_id: 4
state: active
shutdown: disabled
- name: wan
vlan_id: 5
state: active
shutdown: disabled
- name: service
vlan_id: 7
state: active
shutdown: disabled
- name: legacy
vlan_id: 8
state: active
shutdown: disabled
- name: dmz
vlan_id: 9
state: active
shutdown: disabled
- name: ffmd-client
vlan_id: 11
state: active
shutdown: disabled
state: merged
- name: configure port assignment
cisco.ios.ios_l2_interfaces:
config:
# USV
- name: Gi1/0/6
mode: access
access:
vlan: 1
# beaker ipmi
- name: Gi1/0/9
mode: access
access:
vlan: 1
# Patchfeld 1, Switch ausleihliste
- name: Gi1/0/13
mode: trunk
trunk:
allowed_vlans: 1,4,5,7,8,11
native_vlan: 4
# patchfeld 2 - Raspberry Pi Platon
- name: Gi1/0/15
mode: access
access:
vlan: 4
# patchfeld 6 - Access Point Hempels Zimmer
- name: Gi1/0/17
mode: access
access:
vlan: 4
# FräsPC
- name: Gi1/0/19
mode: access
access:
vlan: 4
# patchfeld 4 - Switch am Basteltisch
- name: Gi1/0/20
mode: trunk
trunk:
allowed_vlans: 1,4,5,7,8,11
native_vlan: 4
# uplink descartes
- name: Gi1/0/25
mode: trunk
trunk:
allowed_vlans: 1-11
native_vlan: 1
# server marx
- name: Gi1/0/26
mode: trunk
trunk:
allowed_vlans: 1-11
native_vlan: 1
state: merged
- name: Save running to startup when modified
cisco.ios.ios_config:
save_when: modified

310
host_vars/cisco-2960-1.n39.eu/port-assignments.yml Normal file
View file

@ -0,0 +1,310 @@
---
ios_interfaces:
GigabitEthernet1/0/1:
description: MGMT
enabled: true
l2:
mode: access
access_vlan: 1
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/2:
description: MGMT
enabled: true
l2:
mode: access
access_vlan: 1
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/3:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/4:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/5:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/6:
description: USV
enabled: true
l2:
mode: access
access_vlan: 1
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/7:
description: beaker
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present
GigabitEthernet1/0/8:
description: beaker
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present
GigabitEthernet1/0/9:
description: beaker ipmi
enabled: true
l2:
mode: access
access_vlan: 1
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/10:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/11:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/12:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/13:
description: patchfeld 1 - Switch an Ausleihliste
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: 1,4,5,7,8,11
trunk_native_vlan: 4
state: present
lines: []
state: present
GigabitEthernet1/0/14:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/15:
description: patchfeld 2 - Raspberry Pi Platon
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/16:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/17:
description: patchfeld 6 - Access Point Hempels Zimmer
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: 1,4,5,7,8,11
trunk_native_vlan: 4
state: present
lines: []
state: present
GigabitEthernet1/0/18:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/19:
description: FräsPC
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/20:
description: patchfeld 4 - Switch am Basteltisch
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: 1,4,5,7,8,11
trunk_native_vlan: 4
state: present
lines: []
state: present
GigabitEthernet1/0/21:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/22:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/23:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/24:
description: lan
enabled: true
l2:
mode: access
access_vlan: 4
trunk_allowed_vlans:
trunk_native_vlan:
state: present
lines: []
state: present
GigabitEthernet1/0/25:
description: uplink von descartes
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present
GigabitEthernet1/0/26:
description: marx
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present
GigabitEthernet1/0/27:
description: unconfigured
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present
GigabitEthernet1/0/28:
description: unconfigured
enabled: true
l2:
mode: trunk
access_vlan:
trunk_allowed_vlans: all
trunk_native_vlan: 1
state: present
lines: []
state: present

7
host_vars/cisco-2960-1.n39.eu/vars.yml Normal file
View file

@ -0,0 +1,7 @@
---
ansible_host: 172.23.63.45
ansible_user: admin
ansible_password: "{{ vault_ansible_password }}"
ansible_become_password: "{{ vault_ansible_password }}"
ansible_connection: network_cli
ansible_network_os: ios

8
host_vars/cisco-2960-1.n39.eu/vault Normal file
View file

@ -0,0 +1,8 @@
$ANSIBLE_VAULT;1.1;AES256
64656665316637386363313263653532393161656531336262613266363231373537396633386231
3834356536353235356630333766396233626130653237380a396137336262376539373838623762
35396361643263313239386637653330646134616333333961306537306464626461626462626665
3763386531316433390a323533353531363335306663343632326562663334303466663664363530
38613135333336656131646534633839386330323164643338333763373839306566656633633161
62643964343763316264376366636562316336616665663865336633373266353931366336346666
616135333836343436633136636163656138

23
host_vars/cisco-2960-1.n39.eu/vlans.yml Normal file
View file

@ -0,0 +1,23 @@
---
ios_vlans:
1:
name: MGMT
state: present
4:
name: lan
state: present
5:
name: wan
state: present
7:
name: service
state: present
8:
name: legacy
state: present
9:
name: dmz
state: present
11:
name: ffmd-client
state: present

4
inventory.yml
View file

@ -17,6 +17,7 @@ all:
k3s-w1.n39.eu: k3s-w1.n39.eu:
k3s-w2.n39.eu: k3s-w2.n39.eu:
k3s-w3.n39.eu: k3s-w3.n39.eu:
cisco-2960-1.n39.eu:
children: children:
docker_host: docker_host:
@ -69,3 +70,6 @@ all:
k3s-w1.n39.eu: k3s-w1.n39.eu:
k3s-w2.n39.eu: k3s-w2.n39.eu:
k3s-w3.n39.eu: k3s-w3.n39.eu:
network:
hosts:
cisco-2960-1.n39.eu: