access: enable SNMP for FS S5860 switches

Almost, but not quite, entirely like D-Link.
This commit is contained in:
Timotej Lazar 2025-09-24 16:21:06 +02:00
parent 343fd0daad
commit 4385ad4ff4
2 changed files with 34 additions and 1 deletions

View file

@ -1 +0,0 @@
fs.yml

View file

@ -0,0 +1,30 @@
- name: Get secrets for SNMP manager
set_fact:
manager: '{{ lookup("passwordstore", "host/"+snmp_manager.name, returnall=true, missing="empty") | from_yaml }}'
- name: Generate SNMP passwords
delegate_to: localhost
command: 'snmpv3-hashgen --yaml --user {{ manager.snmp_user }} --auth {{ manager.snmp_pass }} --priv {{ manager.snmp_pass }} --hash sha1 --engine {{ snmp_engine_id }}'
check_mode: false
changed_when: false
register: snmp_config
- name: Get SNMP password hash
set_fact:
snmp_hashes: '{{ (snmp_config.stdout | from_yaml).snmpv3.hashes }}'
- name: Set SNMP engine ID
ansible.netcommon.cli_command:
command: "{{ item }}"
prompt: "% Warning: All SNMP users will be deleted\\. Do you want to continue\\? \\[Y/N\\]:"
answer: "y"
loop:
- configure
- snmp-server local-engineid {{ snmp_engine_id }}
- exit
when: not ansible_check_mode
- name: Create SNMP user
ansible.netcommon.cli_config:
config: "snmp-server user {{ manager.snmp_user }} public v3 encrypted auth sha {{ snmp_hashes.auth | upper }} priv des56 {{ snmp_hashes.priv[:32] | upper }}"
notify: write config

View file

@ -55,3 +55,7 @@ interface {{ iface.name }}
{% endif %}
{% endfor %}
enable service snmp-agent
snmp-server location {{ rack }}
snmp-server group public v3 priv read default