aurore
/
ansible
15
2
Fork 0
Code Issues 1 Pull Requests 13 Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
new-infra
bird
dns
aruba
radius
on-en-a-litteralement-rien-a-foutre
radvd
keepalived
ifupdown2
master
dhcp
cleanup_no_ldap_for_servers
infra_router
ask_vault_pass
borgfix
auditd
prometheus_apt_pending_and_reboot
move_host_vars
prometheus-ipmi-exporter
fix-portail
crans
apt
remove_old_db_servers
rspamd
wireguard-ovh
pass
nullmailer
logs
mailserver
re2o-master
mail_server
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '8d596082b3'
${ noResults }
ansible/roles/aruba/templates/config.j2

155 lines
3.4 KiB
Django/Jinja
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

{{ ansible_managed | comment(decoration="; ") }}
hostname {{ aruba__hostname | enquote }}
include-credentials
{% if aruba__ntp_servers %}
timesync ntp
ntp unicast
{% for address in aruba__ntp_servers %}
ntp server {{ address | ipaddr }} iburst
{% endfor %}
{% if aruba__timezone == "Europe/Paris" %}
time daylight-time-rule western-europe
time timezone 60
{% endif %}
{% endif %}
{% for address in aruba__dns_servers[:2] %}
ip dns server-address priority {{ loop.index }} {{ address | ipaddr }}
{% endfor %}
{% if aruba__dns_domain_name is defined %}
ip dns domain-name {{ aruba__dns_domain_name | enquote }}
{% endif %}
; TODO
{% if False %}
snmpv3 enable
snmpv3 only
snmpv3 user "re2o"
;snmpv3 group ManagerPriv user "re2o" sec-model ver3
;snmp-server community "public" Operator
{% endif %}
no cdp run
lldp run
{%
set lldp_enabled =
aruba__interfaces
| dict2items
| selectattr("value.lldp", "defined")
| selectattr("value.lldp", "==", True)
| map(attribute="key")
%}
{%
set lldp_disabled =
aruba__interfaces.keys()
| difference(lldp_enabled)
| map("int")
| list
%}
{% if lldp_disabled %}
lldp admin-status {{ lldp_disabled | join(",") }} disable
{% endif %}
password manager plaintext {{ aruba__manager_password | enquote }}
{% if aruba__operator_password is defined %}
password operator plaintext {{ aruba__operator_password | enquote }}
{% endif %}
{% if aruba__ssh_enabled %}
ip ssh
ip ssh ciphertype aes256ctr
ip ssh kex ecdh-sha2-nistp521
ip ssh mac hmac-sha2-256
ip ssh filetransfer
{% else %}
no ip ssh
{% endif %}
no telnet-server
; FIXME: ssl
web-management plaintext
rest-interface
{%
set loop_protect =
aruba__interfaces
| dict2items
| selectattr("value.loop_protect", "defined")
| selectattr("value.loop_protect")
| map(attribute="key")
| map("int")
| list
%}
{% if loop_protect %}
loop-protect disable-timer {{ aruba__loop_protect_disable_timer | int }}
loop-protect transmit-interval {{ aruba__loop_protect_tx_interval | int }}
loop-protect {{ loop_protect | join(",") }}
{% endif %}
{% if aruba__default_gateways | ipv4 %}
ip default-gateway {{ aruba__default_gateways | ipv4 | first }}
{% endif %}
{% if aruba__default_gateways | ipv6 %}
ipv6 default-gateway {{ aruba__default_gateways | ipv6 | first }}
{% endif %}
{% for id, vlan in aruba__vlans.items() %}
vlan {{ id | int }}
{% if vlan.name is defined %}
name {{ vlan.name | enquote }}
{% endif %}
{%
set untagged =
aruba__interfaces
| dict2items
| selectattr("value.untagged", "defined")
| selectattr("value.untagged", "==", id)
| map(attribute="key")
| map("int")
| list
%}
{% if untagged %}
untagged {{ untagged | join(",") }}
{% endif %}
{%
set tagged =
aruba__interfaces
| dict2items
| selectattr("value.tagged", "defined")
| selectattr("value.tagged", "contains", id)
| map(attribute="key")
| map("int")
| list
%}
{% if tagged %}
tagged {{ tagged | join(",") }}
{% endif %}
{% if vlan.addresses | default([]) %}
{% for address in vlan.addresses | ipv4 %}
ip address {{ address }}
{% endfor %}
{% for address in vlan.addresses | ipv6 %}
ipv6 address {{ address }}
{% endfor %}
{% else %}
no ip address
{% endif %}
no flow-control
exit
{% endfor %}
{% for id, iface in aruba__interfaces.items() %}
interface {{ id | int }}
{% if iface.name is defined %}
name {{ iface.name | enquote }}
{% endif %}
exit
{% endfor %}
Reference in New Issue View Git Blame Copy Permalink