network_appliance_bootstrap
Ansible Role: network_appliance_bootstrap
This ansible role will bootstrap SSH keys onto Network Appliances using a ssh connection. Currently targeting network appliances based on Vyatta, VyOS, and UBNT Devices.
Role Variables:
The following role variables work for EdgeRouterX devices.
netapl_ssh_authorized_key: ~/.ssh/id_ed25519.pub
netapl_device_user_id: ubnt
ansible_network_os: edgeos
ansible_user: ubnt
ansible_pass: <YOUR_EDGEROUTER_PASSWORD>
ansible_ssh_private_key_file: /etc/ansible/keys/id_rsa
ansible_net_ssh_key_file: /etc/ansible/keys/id_rsa
ansible_python_interpreter: /usr/bin/python
The following role variables work for UnFi USG and USG4P devices.
netapl_ssh_authorized_key: ~/.ssh/id_ed25519.pub
netapl_device_user_id: admin
ansible_network_os: edgeos
ansible_ssh_user: admin
ansible_user: admin
ansible_ssh_pass: <YOUR_USG_PASSWORD>
ansible_pass: <YOURT_USG_PASSWORD>
become: yes
ansible_ssh_private_key_file: /etc/ansible/keys/id_rsa
ansible_net_ssh_key_file: /etc/ansible/keys/id_rsa
ansible_python_interpreter: /usr/bin/python
The following role variables work for VyOS devices.
netapl_ssh_authorized_key: ~/.ssh/id_ed25519.pub
netapl_device_user_id: admin
ansible_network_os: vyos
ansible_user: admin
ansible_pass: <YOUR_EDGEROUTER_PASSWORD>
ansible_ssh_private_key_file: /etc/ansible/keys/id_rsa
ansible_net_ssh_key_file: /etc/ansible/keys/id_rsa
ansible_python_interpreter: /usr/bin/python
Installation:
ansible-galaxy install ppouliot.network_appliance_bootstrap
Example Inventory:
localhost ansible_connection=local ansible_python_interpreter="/usr/bin/env python"
[usg]
usg4p.pouliot.net
[usg-by-ip]
192.168.1.1
[edgerouterx]
erx.pouliot.net
[edgerouterx-by-ip]
192.168.1.2
[vyos]
vyos.pouliot.net
[vyos-by-ip]
192.168.1.3
[cloudkey]
Unifi-Cloudkey.pouliot.net
[cloudkey-by-ip]
192.168.1.3
[ssh_connection]
pipelining=True
Example Playbook
#!/usr/bin/env ansible-playbook
---
- name: UniFi USG Bootstrap SSHKeys for Ansible
hosts: edgerouterx-by-ip
connection: ssh
become: yes
become_user: root
gather_facts: yes
tasks:
- debug: var=ansible_connection
roles:
- ppouliot.network_appliance_bootstrap
- hosts: edgerouterx
connection: network_cli
gather_facts: false
tasks:
- name: Collect facts from EdgeOS Devices
edgeos_facts:
gather_subset: all
- name: UniFi USG Bootstrap SSHKeys for Ansible
hosts: usg-by-ip
connection: ssh
become: yes
become_user: root
gather_facts: false
tasks:
- debug: var=ansible_connection
roles:
- ppouliot.network_appliance_bootstrap
- hosts: usg
connection: network_cli
gather_facts: false
tasks:
- name: Collect facts from Unifi Devices
edgeos_facts:
gather_subset: all
- name: VyOS Bootstrap SSHKeys for Ansible
hosts: vyos-by-ip
connection: ssh
become: yes
become_user: root
gather_facts: false
tasks:
- debug: var=ansible_connection
roles:
- ppouliot.network_appliance_bootstrap
- hosts: vyos
connection: network_cli
gather_facts: false
tasks:
- name: Collect facts from VyOS Devices
vyos_facts:
gather_subset: all
Contributors:
- Peter Pouliot peter@pouliot.net
Copyright and License:
Copyright (C) 2018 Peter J. Pouliot
Peter Pouliot can be contacted at: peter@pouliot.net
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Ansible to bootstrap ssh on Vyatta, VyOS & UBNT USG/EdgeRouters
ansible-galaxy install ppouliot/ansible-role-network_appliance_bootstrap