diff --git a/roles/access/tasks/fs-s5860-48xmg-u.yml b/roles/access/tasks/fs-s5860-48xmg-u.yml deleted file mode 120000 index b136bed..0000000 --- a/roles/access/tasks/fs-s5860-48xmg-u.yml +++ /dev/null @@ -1 +0,0 @@ -fs.yml \ No newline at end of file diff --git a/roles/access/tasks/fs-s5860-48xmg-u.yml b/roles/access/tasks/fs-s5860-48xmg-u.yml new file mode 100644 index 0000000..8f30f7c --- /dev/null +++ b/roles/access/tasks/fs-s5860-48xmg-u.yml @@ -0,0 +1,30 @@ +- name: Get secrets for SNMP manager + set_fact: + manager: '{{ lookup("passwordstore", "host/"+snmp_manager.name, returnall=true, missing="empty") | from_yaml }}' + +- name: Generate SNMP passwords + delegate_to: localhost + command: 'snmpv3-hashgen --yaml --user {{ manager.snmp_user }} --auth {{ manager.snmp_pass }} --priv {{ manager.snmp_pass }} --hash sha1 --engine {{ snmp_engine_id }}' + check_mode: false + changed_when: false + register: snmp_config + +- name: Get SNMP password hash + set_fact: + snmp_hashes: '{{ (snmp_config.stdout | from_yaml).snmpv3.hashes }}' + +- name: Set SNMP engine ID + ansible.netcommon.cli_command: + command: "{{ item }}" + prompt: "% Warning: All SNMP users will be deleted\\. Do you want to continue\\? \\[Y/N\\]:" + answer: "y" + loop: + - configure + - snmp-server local-engineid {{ snmp_engine_id }} + - exit + when: not ansible_check_mode + +- name: Create SNMP user + ansible.netcommon.cli_config: + config: "snmp-server user {{ manager.snmp_user }} public v3 encrypted auth sha {{ snmp_hashes.auth | upper }} priv des56 {{ snmp_hashes.priv[:32] | upper }}" + notify: write config diff --git a/roles/access/templates/config-fs-s5860-48xmg-u.j2 b/roles/access/templates/config-fs-s5860-48xmg-u.j2 index 036b709..83c8a90 100644 --- a/roles/access/templates/config-fs-s5860-48xmg-u.j2 +++ b/roles/access/templates/config-fs-s5860-48xmg-u.j2 @@ -55,3 +55,7 @@ interface {{ iface.name }} {% endif %} {% endfor %} + +enable service snmp-agent +snmp-server location {{ rack }} +snmp-server group public v3 priv read default