feat: move port and vlan definition to variables

feat: save changes to nonvolatile memory
feat: add port assignment
2023-07-15 12:17:03 +02:00 · 2023-07-14 22:52:02 +02:00 · 2023-07-14 22:44:02 +02:00 · 2023-07-14 22:05:57 +02:00 · 2023-07-14 21:47:25 +02:00 · 2023-07-14 21:31:23 +02:00
7 changed files with 450 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+vault-pass
--- a/device-cisco-2960-1.yml
+++ b/device-cisco-2960-1.yml
@ -0,0 +1,97 @@
+---
+- hosts: cisco-2960-1.n39.eu
+  become: true
+
+  tasks:
+    - name: configure login banner
+      cisco.ios.ios_banner:
+        banner: login
+        text: "Documentation here: https://wiki.netz39.de/internal:inventory:network:2960s-24td-l"
+        state: present
+
+    - name: configure vlans
+      cisco.ios.ios_vlans:
+        config:
+          - name: lan
+            vlan_id: 4
+            state: active
+            shutdown: disabled
+          - name: wan
+            vlan_id: 5
+            state: active
+            shutdown: disabled
+          - name: service
+            vlan_id: 7
+            state: active
+            shutdown: disabled
+          - name: legacy
+            vlan_id: 8
+            state: active
+            shutdown: disabled
+          - name: dmz
+            vlan_id: 9
+            state: active
+            shutdown: disabled
+          - name: ffmd-client
+            vlan_id: 11
+            state: active
+            shutdown: disabled
+        state: merged
+
+    - name: configure port assignment
+      cisco.ios.ios_l2_interfaces:
+        config:
+          # USV
+          - name: Gi1/0/6
+            mode: access
+            access:
+              vlan: 1
+          # beaker ipmi
+          - name: Gi1/0/9
+            mode: access
+            access:
+              vlan: 1
+          # Patchfeld 1, Switch ausleihliste
+          - name: Gi1/0/13
+            mode: trunk
+            trunk:
+              allowed_vlans: 1,4,5,7,8,11
+              native_vlan: 4
+          # patchfeld 2 - Raspberry Pi Platon
+          - name: Gi1/0/15
+            mode: access
+            access:
+              vlan: 4
+          # patchfeld 6 - Access Point Hempels Zimmer
+          - name: Gi1/0/17
+            mode: access
+            access:
+              vlan: 4
+          # FräsPC
+          - name: Gi1/0/19
+            mode: access
+            access:
+              vlan: 4
+          # patchfeld 4 - Switch am Basteltisch
+          - name: Gi1/0/20
+            mode: trunk
+            trunk:
+              allowed_vlans: 1,4,5,7,8,11
+              native_vlan: 4
+          # uplink descartes
+          - name: Gi1/0/25
+            mode: trunk
+            trunk:
+              allowed_vlans: 1-11
+              native_vlan: 1
+          # server marx
+          - name: Gi1/0/26
+            mode: trunk
+            trunk:
+              allowed_vlans: 1-11
+              native_vlan: 1
+        state: merged
+  
+    - name: Save running to startup when modified
+      cisco.ios.ios_config:
+        save_when: modified
--- a/host_vars/cisco-2960-1.n39.eu/port-assignments.yml
+++ b/host_vars/cisco-2960-1.n39.eu/port-assignments.yml
@ -0,0 +1,310 @@
+---
+ios_interfaces:
+  GigabitEthernet1/0/1:
+    description: MGMT
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 1
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/2:
+    description: MGMT
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 1
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/3:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/4:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/5:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/6:
+    description: USV
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 1
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/7:
+    description: beaker
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/8:
+    description: beaker
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/9:
+    description: beaker ipmi
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 1
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/10:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/11:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/12:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/13:
+    description: patchfeld 1 - Switch an Ausleihliste
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: 1,4,5,7,8,11
+      trunk_native_vlan: 4
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/14:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/15:
+    description: patchfeld 2 - Raspberry Pi Platon
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/16:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/17:
+    description: patchfeld 6 - Access Point Hempels Zimmer
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: 1,4,5,7,8,11
+      trunk_native_vlan: 4
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/18:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/19:
+    description: FräsPC
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/20:
+    description: patchfeld 4 - Switch am Basteltisch
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: 1,4,5,7,8,11
+      trunk_native_vlan: 4
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/21:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/22:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/23:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/24:
+    description: lan
+    enabled: true
+    l2:
+      mode: access
+      access_vlan: 4
+      trunk_allowed_vlans:
+      trunk_native_vlan:
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/25:
+    description: uplink von descartes
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/26:
+    description: marx
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/27:
+    description: unconfigured
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
+  GigabitEthernet1/0/28:
+    description: unconfigured
+    enabled: true
+    l2:
+      mode: trunk
+      access_vlan:
+      trunk_allowed_vlans: all
+      trunk_native_vlan: 1
+      state: present
+    lines: []
+    state: present
--- a/host_vars/cisco-2960-1.n39.eu/vars.yml
+++ b/host_vars/cisco-2960-1.n39.eu/vars.yml
@ -0,0 +1,7 @@
+---
+ansible_host: 172.23.63.45
+ansible_user: admin
+ansible_password: "{{ vault_ansible_password }}"
+ansible_become_password: "{{ vault_ansible_password }}"
+ansible_connection: network_cli
+ansible_network_os: ios
--- a/host_vars/cisco-2960-1.n39.eu/vault
+++ b/host_vars/cisco-2960-1.n39.eu/vault
@ -0,0 +1,8 @@
+$ANSIBLE_VAULT;1.1;AES256
+64656665316637386363313263653532393161656531336262613266363231373537396633386231
+3834356536353235356630333766396233626130653237380a396137336262376539373838623762
+35396361643263313239386637653330646134616333333961306537306464626461626462626665
+3763386531316433390a323533353531363335306663343632326562663334303466663664363530
+38613135333336656131646534633839386330323164643338333763373839306566656633633161
+62643964343763316264376366636562316336616665663865336633373266353931366336346666
+616135333836343436633136636163656138
--- a/host_vars/cisco-2960-1.n39.eu/vlans.yml
+++ b/host_vars/cisco-2960-1.n39.eu/vlans.yml
@ -0,0 +1,23 @@
+---
+ios_vlans:
+  1:
+    name: MGMT
+    state: present
+  4:
+    name: lan
+    state: present
+  5:
+    name: wan
+    state: present
+  7:
+    name: service
+    state: present
+  8:
+    name: legacy
+    state: present
+  9:
+    name: dmz
+    state: present
+  11:
+    name: ffmd-client
+    state: present
--- a/inventory.yml
+++ b/inventory.yml
@ -17,6 +17,7 @@ all:
    k3s-w1.n39.eu:
    k3s-w2.n39.eu:
    k3s-w3.n39.eu:
+    cisco-2960-1.n39.eu:

  children:
    docker_host:
@ -69,3 +70,6 @@ all:
        k3s-w1.n39.eu:
        k3s-w2.n39.eu:
        k3s-w3.n39.eu:
+    network:
+      hosts:
+        cisco-2960-1.n39.eu:
Author	SHA1	Message	Date
timherrm	eebdf0b360	feat: move port and vlan definition to variables	2023-07-15 12:17:03 +02:00
David Kilias	7846e91e6b	feat: save changes to nonvolatile memory	2023-07-14 22:52:02 +02:00
David Kilias	a454932328	feat: add port assignment	2023-07-14 22:44:02 +02:00
David Kilias	3fff171180	feat: configure vlan	2023-07-14 22:05:57 +02:00
David Kilias	77c2d6aa04	feat add switch login banner	2023-07-14 21:47:25 +02:00
David Kilias	d211caae89	rename switch host	2023-07-14 21:31:23 +02:00
David Kilias	a9567bd31d	feat: add initial work to configure cisco router	2023-07-13 23:44:00 +02:00