network/roles/access/tasks/main.yml

- name: Get switch password
  set_fact:
    ansible_ssh_pass: '{{ lookup("passwordstore", "hosts/"~inventory_hostname, subkey="pass") }}'

# This should be provided by the netbox inventory plugin but isn’t yet.
# https://github.com/netbox-community/ansible_modules/issues/1007
- name: Fetch configuration from netbox
  uri:
    url: '{{ interfaces[0].device.url }}render-config/' # why URL can only be accessed through interface data is a mystery
    method: POST
    headers:
      Authorization: 'Token {{ lookup("env", "NETBOX_API_TOKEN") }}'
  register: config

- name: Set configuration
  ansible.netcommon.cli_config:
    config: '{{ config.json.content }}'
  register: result
  # These lines are not displayed by 'sho ru' and always reported as different, so ignore them.
  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?)$')
  notify: write config
access: move secrets to password store Keeping ansible-vault values in NetBox is too cumbersome and limited. 2024-02-13 09:33:14 +00:00			`- name: Get switch password`
			`set_fact:`
			`ansible_ssh_pass: '{{ lookup("passwordstore", "hosts/"~inventory_hostname, subkey="pass") }}'`

access: move templates to netbox And adjust tasks to work with FS switches also. 2023-12-29 13:55:00 +00:00			`# This should be provided by the netbox inventory plugin but isn’t yet.`
			`# https://github.com/netbox-community/ansible_modules/issues/1007`
			`- name: Fetch configuration from netbox`
			`uri:`
			`url: '{{ interfaces[0].device.url }}render-config/' # why URL can only be accessed through interface data is a mystery`
			`method: POST`
			`headers:`
			`Authorization: 'Token {{ lookup("env", "NETBOX_API_TOKEN") }}'`
			`register: config`

Initial commit, squashed 2023-12-18 10:22:14 +00:00			`- name: Set configuration`
			`ansible.netcommon.cli_config:`
access: move templates to netbox And adjust tasks to work with FS switches also. 2023-12-29 13:55:00 +00:00			`config: '{{ config.json.content }}'`
Initial commit, squashed 2023-12-18 10:22:14 +00:00			`register: result`
			`# These lines are not displayed by 'sho ru' and always reported as different, so ignore them.`
access: ignore more non‐changes Should probably move this somewhere more listy if it keeps growing. 2024-03-04 09:12:38 +00:00			`changed_when: result.commands \| reject('match', '^(no shutdown\|no switchport access vlan\|switchport mode access\|switchport mode hybrid\|interface .*\|no enable service web-server https?)$')`
Initial commit, squashed 2023-12-18 10:22:14 +00:00			`notify: write config`