- name: Fetch passwords
  set_fact:
    password: '{{ lookup("passwordstore", "switch/"~inventory_hostname, returnall=true, missing="empty") | from_yaml }}'

- name: Set username and password for ansible connection
  set_fact:
    ansible_ssh_user: '{{ password.user }}'
    ansible_ssh_pass: '{{ password.pass }}'

- name: Generate SNMP engine ID from serial number
  set_fact:
    snmp_engine_id: '{{ (serial | sha1)[:24] }}'

- name: Set configuration
  ansible.netcommon.cli_config:
    config: '{{ lookup("template", "config-"~manufacturer~"-"~device_type~".j2") }}'
  vars:
    ansible_command_timeout: 60
    ansible_terminal_stderr_re: [] # some errors are not actually errors
  register: result
  # These lines are not displayed by 'sho ru' and always reported as different, so ignore them.
  changed_when: result.commands | reject('match', '^(no shutdown|no switchport access vlan|no voice vlan.*|switchport mode access|switchport mode hybrid|interface .*|no enable service web-server https?|no ip dhcp snooping|no ip dhcp snooping trust)$')
  notify: write config

- name: Run model-specific tasks
  include_tasks: '{{ manufacturer~"-"~device_type~".yml" }}'