ansible for mikrotik

1. #код варианта 1
2. [Mikrotiks]
3. 1.2.3.4 file_name=Kostroma
4. 2.3.4.5 file_name=Adygeya
5. 3.4.5.6 file_name=Amur
6. [Mikrotiks:vars]
7. ansible_ssh_user=ansible_user
8. ansible_network_os=routeros
9.  
10. #файл .yml
11. - hosts: Mikrotiks
12.   vars_files:
13.     - /etc/ansible/vars/mik_pass_vault.yml
14.   connection: network_cli
15.   gather_facts: false
16.   tasks:
17.     - name: backup-file create
18.       routeros_command:
19.         commands: /system backup save name={{ file_name }}
20.     - name: backup-resource create
21.       routeros_command:
22.         commands: export file={{ file_name }}.rsc
23.     - name: backup-file download
24.       ansible.netcommon.net_get:
25.         src: "{{ file_name }}.backup"
26.         dest: /usr/svn_backup_repo/DFL_BACKUPS/mikrotik/{{ file_name }}.backup
27.         protocol: sftp
28.     - name: backup-resource download
29.       ansible.netcommon.net_get:
30.         src: "{{ file_name }}.rsc"
31.         dest: /usr/svn_backup_repo/DFL_BACKUPS/mikrotik/{{ file_name }}.rsc
32.         protocol: sftp
33. #код варианта 2
34. [Mikrotiks]
35. 1.2.3.4
36. 2.3.4.5
37. 3.4.5.6
38. [Mikrotiks:vars]
39. ansible_ssh_user=ansible_user
40. ansible_network_os=routeros
41.  
42. #файл .yml
43. - hosts: Mikrotiks
44.   vars_files:
45.     - /etc/ansible/vars/mik_pass_vault.yml
46.   connection: network_cli
47.   gather_facts: false
48.   tasks:
49.     - name: do backup
50.       routeros_command:
51.         commands: /system backup save name=[/system identity get name]
52.     - name: get name of mik
53.       routeros_command:
54.         commands: /system identity print
55.       register: mik_identity
56.     - name: get identity from string
57.       shell: echo {{ mik_identity.stdout_lines }} | cut -d':' -f 2 | cut -c2- |  rev | cut -c3- | rev
58.       register: identity
59.      - name: get backup
60.       ansible.netcommon.net_get:
61.         src: "{{ identity.stdout_lines[0] }}.backup"
62.         dest: /usr/svn_backup_repo/DFL_BACKUPS/mikrotik/{{ identity.stdout_lines[0] }}.backup
63.         protocol: sftp
64. #Код для сохранения в системе контроля версий
65. #!/bin/bash
66. now=$(date +"%d_%m_%Y")
67. rm /usr/scripts/log.txt
68. ansible-playbook --vault-password-file /etc/ansible/vault_pass_file /usr/scripts/mik-backup.yml >> /usr/scripts/log.txt
69. cd /usr/svn_backup_repo/DFL_BACKUPS
70. svn add mikrotik/* --force -q >> /usr/scripts/log.txt
71. svn commit -m "added backups $now" >> /usr/scripts/log.txt
72. /usr/bin/mail it@mydomain.ru < /usr/scripts/log.txt -s "Отчет о бэкапах Mikrotik"
73.  
74. #Код для псевдо-иммутабельности
75. - hosts: Mikrotiks
76.   vars_files:
77.     - /etc/ansible/vars/mik_pass_vault.yml
78.   connection: network_cli
79.   gather_facts: false
80.   tasks:
81.     - name: do backup
82.       routeros_command:
83.         commands: export file=[/system identity get name]
84.     - name: get name of mik
85.       routeros_command:
86.         commands: /system identity print
87.       register: mik_identity
88.     - name: get identity from string
89.       shell: echo {{ mik_identity.stdout_lines }} | cut -d':' -f 2 | cut -c2- |  rev | cut -c3- | rev
90.       register: identity
91.     - name: get backup
92.       ansible.netcommon.net_get:
93.         src: "{{ identity.stdout_lines[0] }}.rsc"
94.         dest: /tmp/{{ identity.stdout_lines[0] }}.rsc
95.         protocol: sftp
96.     - set_fact: command_line="add action=accept chain=ospf-out prefix=10.0.0.0/8 prefix-length=0-32"
97.     - name: find str
98.       shell: cat /tmp/{{ identity.stdout_lines[0] }}.rsc | grep -c "{{ command_line }}"
99.       register: outtext
100.       ignore_errors: true
101.     - name: ospf filer
102.       routeros_command:
103.         commands:
104.           - /routing filter {{ command_line }}
105.       when: outtext.stdout_lines[0] == "0"
106.