revamp dellos6 roles

author: Christian Pointner <equinox@spreadspace.org> 2020-05-21 13:50:11 +0200
committer: Christian Pointner <equinox@spreadspace.org> 2020-05-21 13:50:11 +0200
commit: 272524137ff85531d3eeb3dc5879b5aa521531c4 (patch)
tree: 4daf51018d6661db7979c6eac9aaaa19437b60c0 /roles
parent: equinox-ws: install paramiko (diff)
5 files changed, 74 insertions, 25 deletions
diff --git a/roles/dellos6/base/defaults/main.yml b/roles/dellos6/base/defaults/main.yml
new file mode 100644
index 00000000..35d3cbb8
--- /dev/null
+++ b/roles/dellos6/base/defaults/main.yml
@@ -0,0 +1,11 @@
+---
+# dellos6_sntp:
+#   server:
+
+# dellos6_logging:
+#   server:
+
+# dellos6_snmp:
+#   location;
+#   contact:
+#   community:
diff --git a/roles/dellos6/base/tasks/main.yml b/roles/dellos6/base/tasks/main.yml
index 30924abd..58c31d74 100644
--- a/roles/dellos6/base/tasks/main.yml
+++ b/roles/dellos6/base/tasks/main.yml
@@ -1,7 +1,28 @@
 ---
-- name: disable telnet and http server
+## TODO: disable sntp if dellos6_sntp is not defined?
+- name: configure SNTP
+  when: dellos6_sntp is defined
   dellos6_config:
     lines:
-      - ip telnet server disable
-      - no ip http server
+      - "sntp server {{ dellos6_sntp.server }}"
+      - sntp unicast client enable
+  notify: save configuration
+
+## TODO: disable logging if dellos6_logging is not defined?
+- name: configure logging
+  when: dellos6_logging is defined
+  dellos6_config:
+    lines:
+      - "logging {{ dellos6_logging.server }}"
+      - exit
+  notify: save configuration
+
+## TODO: disable snmp if dellos6_snmp is not defined?
+- name: configure snmp
+  when: dellos6_snmp is defined
+  dellos6_config:
+    lines:
+      - '{% if "location" in dellos6_snmp %}snmp-server location "{{ dellos6_snmp.location }}"{% else %}no snmp-server location{% endif %}'
+      - '{% if "contact" in dellos6_snmp %}snmp-server contact "{{ dellos6_snmp.contact }}"{% else %}no snmp-server contact{% endif %}'
+      - 'snmp-server community {{ dellos6_snmp.community }}'
   notify: save configuration
diff --git a/roles/dellos6/bootstrap/templates/init.j2 b/roles/dellos6/bootstrap/templates/init.j2
index 42623fec..e832e614 100644
--- a/roles/dellos6/bootstrap/templates/init.j2
+++ b/roles/dellos6/bootstrap/templates/init.j2
@@ -15,6 +15,9 @@ exit
 interface vlan {{ dellos6_mgmt_vlan }}
 ip address {{ dellos6_mgmt_ipaddr }} {{ dellos6_mgmt_netmask }}
 exit
+{% if dellos6_mgmt_gateway is defined %}
+ip default-gateway {{ dellos6_mgmt_gateway }}
+{% endif %}
 no spanning-tree
 
 crypto key generate rsa
@@ -32,6 +35,11 @@ exit
 no application install hiveagent
 no application install SupportAssist
 
+ip telnet server disable
+no ip http server
+no snmp-server enable traps
+no snmp-server enable traps all
+
 enable password {{ ansible_become_password }}
 end
 
diff --git a/roles/dellos6/layer2/templates/interfaces.j2 b/roles/dellos6/layer2/templates/interfaces.j2
index 6484db19..dc6b344e 100644
--- a/roles/dellos6/layer2/templates/interfaces.j2
+++ b/roles/dellos6/layer2/templates/interfaces.j2
@@ -5,34 +5,41 @@ description "{{ interface.description }}"
 {%   endif %}
 {%   if 'channel_group' in interface %}
 channel-group {{ interface.channel_group }} mode active
-{%   endif %}
+{%   else %}
 switchport mode {{ interface.switchport_mode | default('access') }}
-{%   if 'switchport_mode' not in interface or interface.switchport_mode == 'access' %}
-{%     if 'vlan' in interface %}
+{%     if 'switchport_mode' not in interface or interface.switchport_mode == 'access' %}
+{%       if 'vlan' in interface %}
 switchport access vlan {{ interface.vlan }}
-{%     endif %}
-{%   elif interface.switchport_mode == 'trunk' %}
-{%     if 'pvid' in interface %}
+{%       endif %}
+{%     elif interface.switchport_mode == 'trunk' %}
+{%       if 'pvid' in interface %}
 switchport trunk native vlan {{ interface.pvid }}
-{%     endif %}
-{%   elif interface.switchport_mode == 'general' %}
-{%     if 'tagged_only' in interface and interface.tagged_only %}
+{%       endif %}
+{%     elif interface.switchport_mode == 'general' %}
+{%       if 'tagged_only' in interface and interface.tagged_only %}
 switchport general acceptable-frame-type tagged-only
-{%     endif %}
-{%     if 'ingress_filtering' in interface and not interface.ingress_filtering %}
+{%       endif %}
+{%       if 'ingress_filtering' in interface and not interface.ingress_filtering %}
 switchport general ingress-filtering disable
-{%     endif %}
-{%     if 'forbidden_vlans' in interface %}
-switchport general forbidden vlan add {{ interface.forbidden_vlans | join(',') }}
-{%     endif %}
-{%     if 'allowed_vlans_tagged' in interface %}
-switchport general allowed vlan add {{ interface.allowed_vlans_tagged | join(',') }} tagged
-{%     endif %}
-{%     if 'allowed_vlans_untagged' in interface %}
-switchport general allowed vlan add {{ interface.allowed_vlans_untagged | join(',') }} untagged
-{%     endif %}
-{%     if 'pvid' in interface %}
+{%       endif %}
+{%       if 'forbidden_vlans' in interface %}
+{%         for vlans in (interface.forbidden_vlans | vlan_parser) %}
+switchport general forbidden vlan add {{ vlans }}
+{%         endfor %}
+{%       endif %}
+{%       if 'allowed_vlans_tagged' in interface %}
+{%         for vlans in (interface.allowed_vlans_tagged | vlan_parser) %}
+switchport general allowed vlan add {{ vlans }} tagged
+{%         endfor %}
+{%       endif %}
+{%       if 'allowed_vlans_untagged' in interface %}
+{%         for vlans in (interface.allowed_vlans_untagged | vlan_parser) %}
+switchport general allowed vlan add {{ vlans }} untagged
+{%         endfor %}
+{%       endif %}
+{%       if 'pvid' in interface %}
 switchport general pvid {{ interface.pvid }}
+{%       endif %}
 {%     endif %}
 {%   endif %}
 exit
diff --git a/roles/dellos6/layer2/templates/vlans.j2 b/roles/dellos6/layer2/templates/vlans.j2
index 6403c735..a5081288 100644
--- a/roles/dellos6/layer2/templates/vlans.j2
+++ b/roles/dellos6/layer2/templates/vlans.j2
@@ -1,5 +1,7 @@
 {% for vlan in dellos6_vlans %}
+{%   if vlan.id != "1" %}
 vlan {{ vlan.id }}
 name "{{ vlan.name }}"
 exit
+{%   endif %}
 {% endfor %}
author	Christian Pointner <equinox@spreadspace.org>	2020-05-21 13:50:11 +0200
committer	Christian Pointner <equinox@spreadspace.org>	2020-05-21 13:50:11 +0200
commit	272524137ff85531d3eeb3dc5879b5aa521531c4 (patch)
tree	4daf51018d6661db7979c6eac9aaaa19437b60c0 /roles
parent	equinox-ws: install paramiko (diff)