Need help in setting ansible for sonicwall backups


Rahul Kumar

Apr 17, 2024, 7:07:22 AM
to Ansible Project
Hello All,

I need help setting up Ansible to take SonicWall firewall backups.

Anyone who is willing to help me is greatly appreciated.


Thanks,


dbs34

Apr 17, 2024, 10:04:44 AM
to Ansible Project
Hello! I can offer some advice. In my findings, there are often no canned, vendor-provided modules, so you have to use the netcommon.cli module, which works just as well.
I have successfully deployed playbooks for Cisco IOS, Cisco ASA, Dell, WLCs and NX-OS. Here is one playbook I use for my ASA devices that uses the netcommon.cli module.

---
- name: Run show running-config on ASAs
  hosts: ASA
  gather_facts: false
  no_log: false

  vars:
    ansible_user: "{{ vault_net_user }}"
    ansible_password: "{{ vault_net_pass }}"
    dest: "{{ asapath }}"
    to: "sysl...@xxxx.com"

  vars_files:
    - '/etc/ansible/group_vars/vault.yml'
    - '/etc/ansible/group_vars/bkup-paths.yml'

  tasks:

    - name: Check if backup file exists and is greater than zero
      ansible.builtin.stat:
        path: "{{ dest }}{{ inventory_hostname }}.cfg"
      register: fstat

    - name: Rename existing backup file
      raw: mv -f "{{ dest |quote }}{{ inventory_hostname |quote }}.cfg"
        "{{ dest |quote }}{{ inventory_hostname |quote }}.cfg.1"
      when: fstat.stat.exists == true and fstat.stat.size > 0

    - block:

        - name: Set Terminal pager to unlimited
          ansible.netcommon.cli_command:
            command: terminal pager 0
          register: term_output

        - name: Pause
          ansible.builtin.pause:
            seconds: 1

        - name: Run and save sh running-config to the NAS
          ansible.netcommon.cli_command:
            command: sh running-config
          register: cfg_output

        - name: Show output
          ansible.builtin.debug:
            var: cfg_output, term_output

        - name: Save running config to the NAS
          ansible.builtin.copy:
            content: "{{ cfg_output.stdout | replace('\r\n', '\n') }}"
            dest: "{{ dest }}{{ inventory_hostname }}.cfg"

      rescue:

        - name: 'Rescue - print and email failed results'
          ansible.builtin.debug:
            var: ansible_failed_result

        - name: Create email body
          set_fact:
            email_body: |
              <html>
                <body><h4>Error during the ASA backup process.</h4>
                  <pre>
                  <h5> {{ansible_failed_result|replace('\r\n', '<br>') }}</h5>
                  </pre>
                </body>
              </html>

      always:

        - name: Mail error result if any
          community.general.mail:
            sender: ro...@ho-lx-ansible.xx.xx.com
            host: internal-smtp.xx.xx.com
            subtype: plain
            to: "{{ to }}"
            subject: "{{ inventory_hostname }} backup error"
            body: "{{ email_body }}"
          when: term_output.failed == true or cfg_output.failed == true
...
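
A variant of the capture-and-save tasks from the post above, added here as an example and not part of dbs34's playbook: it keeps the device configuration out of Ansible's output, refuses to overwrite the last good backup with an empty capture, and writes the file readable by its owner only. It reuses the post's variable names and vars files; the play name, the assert task and `delegate_to: localhost` (which assumes the backup path is mounted on the control node) are assumptions of this example.

```yaml
---
# Added example, not from the original post.
- name: Back up ASA running-config without exposing it in logs
  hosts: ASA
  gather_facts: false

  vars:
    ansible_user: "{{ vault_net_user }}"
    ansible_password: "{{ vault_net_pass }}"
    dest: "{{ asapath }}"

  vars_files:
    - '/etc/ansible/group_vars/vault.yml'
    - '/etc/ansible/group_vars/bkup-paths.yml'

  tasks:

    - name: Set terminal pager to unlimited
      ansible.netcommon.cli_command:
        command: terminal pager 0

    - name: Capture running-config
      ansible.netcommon.cli_command:
        command: show running-config
      register: cfg_output
      # A firewall config can carry password hashes, pre-shared keys and
      # SNMP community strings; keep it out of stdout and callback logs.
      no_log: true

    - name: Refuse to replace the last good backup with an empty capture
      ansible.builtin.assert:
        that:
          - cfg_output.stdout | length > 0
        quiet: true

    - name: Save running-config, keeping the previous copy
      ansible.builtin.copy:
        content: "{{ cfg_output.stdout | replace('\r\n', '\n') }}"
        dest: "{{ dest }}{{ inventory_hostname }}.cfg"
        mode: "0600"     # owner read/write only
        backup: true     # previous file is kept with a timestamp suffix
      delegate_to: localhost   # assumption: the backup path is on the control node
      no_log: true
...
```

With `backup: true` the copy module keeps the previous file itself, so the separate stat and `mv` rotation steps are not needed in this variant.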