ansible/MIKROTIK/MK_NEW/RTO_chng.yml

---

# Управляем розницей

- name: MK_Routers_configuring
  hosts: RTO-MK

  tasks:
    - name: hostname
      debug:
        msg: Host {{hostname}}

    - name: add some config to MK
      routeros_command:
        commands:
          - "/system package update check-for-updates"
          - "/system package update download"
          #- "/ip service set www-ssl disabled=no address=10.0.0.0/8,192.168.0.0/16 port=443"
          #- /ip route remove [find dst-address ="10.4.0.214/32"]
          #- /ip route add dst-address=192.168.0.0/16 gateway=10.74.3.254 distance=10
          #- "/system script set ISP_name_check policy=read,write,policy,test"
          #- "/system script set JParser policy=read,write,policy,test"
          #- "/system scheduler set ISP_name_check policy=read,write,policy,test"
          #- "/ip firewall nat add chain=srcnat out-interface=sstp-to-P11 action=masquerade"
          #- "/radius remove [/radius find]"
          #- "/radius add accounting-port=1646 address=10.4.0.248 authentication-port=1645 \ comment=izh-rds002.milkom-komos.ru secret=\"CvTmNnZy7a6|N@%IN9ig\" service=login src-address={{ip_vpn}} timeout=30s"
          #- "/radius add accounting-port=1646 address=10.1.122.248 authentication-port=1645 \ comment=P11-RDS003.komos.ru secret=\"CvTmNnZy7a6|N@%IN9ig\" service=login src-address={{ip_vpn}} timeout=30s"
          #- "/user aaa set use-radius=yes"
          #- "/system script run ISP_name_check"
          #- "/ip route add dst-address=10.0.0.0/8 gateway=10.74.3.254 distance=10"  
          #- "/interface sstp-client add authentication=mschap2 connect-to=rto.komos.ru:7789 disabled=no name=sstp-to-P11  password=\"{{vpn_password}}\" profile=default-encryption tls-version=only-1.2 user=\"{{hostname}}\""
          #- "/system scheduler add interval=4h name=ISP_name_check on-event=ISP_name_check \ policy=ftp,reboot,read,write,policy,password,sniff,sensitive,romon start-time=startup"
          #- "/system scheduler set ISP_name_check  interval=4h on-event=ISP_name_check \ policy=ftp,reboot,read,write,policy,password,sniff,sensitive,romon start-time=startup"
          #- "/ip route set [ find where dst-address=\"10.1.19.0/24\"] distance=15"
          #- "/ip route set [ find where dst-address=\"10.4.0.214/32\"] distance=15"
          #- "/ip route set [ find where dst-address=\"10.1.122.227/32\"] distance=15"
          #- "/ip route set [ find where dst-address=\"192.168.8.99/32\"] distance=15"
          #-"/system clock print"
          #- "/system identity set name={{hostname}}"    
          #- "/snmp set location=\"{{address}}\""
          #- "/interface print"
          #- "/interface wireless set [ find default-name=wlan1 ] comment=WIFI"
          #- "/interface bridge add disabled=yes name=br_sim comment=\"{{sim_number}}\""
          #- "/interface wireless security-profiles add name=MK mode=dynamic-keys \ authentication-types=wpa2-psk unicast-ciphers=aes-ccm group-ciphers=aes-ccm wpa2-pre-shared-key=MeatComp2017"
          #- "/interface wireless set wlan1 ssid=MK security-profile=MK disabled=no channel-width=20/40mhz-Ce band=2ghz-b/g/n"  
      register: version_output





    - name: Display facts variables
      debug:
        var: version_output