Basically, I exported the configuration from a MikroTik router using /export and vibe-coded a playbook from that file.
---
# Declares the complete set of bridges: bridge1 (VLAN-aware) and dockers.
# handle_absent_entries: remove deletes every bridge on the router that is
# not listed in data, and remove_as_much_as_possible resets unlisted fields,
# so review the result with --check --diff before applying.
# NOTE(review): vlan-filtering is switched on here, before the bridge port
# and bridge VLAN tasks further down have run. On a router that does not
# already carry that VLAN table, management access over bridge1 may drop
# mid-play - confirm an out-of-band path exists.
- name: Configure bridges
  community.routeros.api_modify:
    path: interface bridge
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: bridge1
        vlan-filtering: true
      - name: dockers

# Creates the three layer-3 VLAN interfaces on top of bridge1:
# vlan2 (LAN), vlan3 (KAMERY, i.e. cameras) and vlan4 (SERVER LAN).
# Any VLAN interface not listed in data is removed from the router.
# NOTE(review): the VLANs only separate these networks if firewall rules
# restrict routing between vlan2, vlan3 and vlan4; no firewall task is
# visible in this part of the playbook - confirm it is managed elsewhere.
- name: Configure VLAN interfaces
  community.routeros.api_modify:
    path: interface vlan
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: vlan2
        interface: bridge1
        vlan-id: 2
        comment: 'LAN (PC, WIFI)'
      - name: vlan3
        interface: bridge1
        vlan-id: 3
        comment: 'KAMERY'
      - name: vlan4
        interface: bridge1
        vlan-id: 4
        comment: 'SERVER LAN'

# Keeps a single interface list, wan, for the internet-facing interfaces.
# NOTE(review): handle_absent_entries: remove drops every other list this
# module sees on the router. If firewall rules elsewhere reference another
# list (for example a LAN list), they would lose their match target -
# verify against the firewall configuration before applying.
- name: Configure interface lists
  community.routeros.api_modify:
    path: interface list
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: wan
        comment: 'contains interfaces facing internet'

# Puts the three uplinks (pppoe-gpon, lte1, sit1) into the wan list and
# removes any other list membership found on the router.
# NOTE(review): rules that match on the wan list only cover interfaces
# named here; an uplink added later but left out of this task would not be
# treated as internet-facing. sit1 is presumably an IPv6 tunnel - confirm.
- name: Configure interface list members
  community.routeros.api_modify:
    path: interface list member
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - list: wan
        interface: pppoe-gpon
      - list: wan
        interface: lte1
      - list: wan
        interface: sit1

# Assigns physical and virtual ports to their bridges. Access ports carry a
# pvid that selects their untagged VLAN: ether1/ether2/ether9 -> 2,
# ether10 -> 3, ether8 -> 4. veth1 is the only port on the dockers bridge.
# sfp-sfpplus2 and ether11 are listed without a pvid, so they keep the
# RouterOS default.
# NOTE(review): no frame-types or ingress-filtering values are set, and
# remove_as_much_as_possible resets unlisted fields to their defaults.
# Confirm the defaults are what is wanted on the access ports, and that
# ether11 (no pvid, absent from the bridge VLAN task) is meant to sit on
# the untagged side of bridge1, where the MGMT DHCP server listens.
- name: Configure bridge ports
  community.routeros.api_modify:
    path: interface bridge port
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - interface: veth1
        bridge: dockers
        comment: 'Tailscale container interface'
      - interface: ether1
        bridge: bridge1
        pvid: 2
      - interface: ether2
        bridge: bridge1
        pvid: 2
      - interface: ether8
        bridge: bridge1
        pvid: 4
      - interface: ether9
        bridge: bridge1
        pvid: 2
      - interface: ether10
        bridge: bridge1
        pvid: 3
      - interface: sfp-sfpplus2
        bridge: bridge1
      - interface: ether11
        bridge: bridge1

# VLAN table for bridge1. The untagged members mirror the pvid values in
# the bridge port task; sfp-sfpplus2 is the trunk and carries VLANs 2 and 3
# tagged. VLAN 4 has ether8 as its only member and is not on the trunk.
# NOTE(review): bridge1 itself is not listed as a tagged member, although
# vlan2/vlan3/vlan4 are built on it. Confirm the RouterOS version in use
# adds that membership on its own; otherwise the router-side VLAN
# interfaces would not see this traffic.
- name: Configure bridge VLAN membership
  community.routeros.api_modify:
    path: interface bridge vlan
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - bridge: bridge1
        vlan-ids: 2
        tagged: 'sfp-sfpplus2'
        untagged: 'ether1,ether2,ether9'
      - bridge: bridge1
        vlan-ids: 3
        tagged: 'sfp-sfpplus2'
        untagged: 'ether10'
      - bridge: bridge1
        vlan-ids: 4
        untagged: 'ether8'

# Address pools handed to the DHCP servers. The MGMT pool is split in two
# ranges so that 192.168.255.10 is never leased; the DHCP networks task
# announces that address as the MGMT gateway.
# Ranges are quoted so they always load as plain strings.
- name: Configure IPv4 pools
  community.routeros.api_modify:
    path: ip pool
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: dhcp_pool0
        comment: 'LAN DHCP pool'
        ranges: '192.168.0.50-192.168.0.250'
      - name: dhcp_pool1
        comment: 'MGMT DHCP pool'
        ranges: '192.168.255.1-192.168.255.9,192.168.255.11-192.168.255.254'

# Two DHCP servers with 30-minute leases: dhcp1 serves the LAN on vlan2,
# dhcp2 serves the MGMT pool directly on bridge1 (the untagged side of the
# bridge). vlan3 and vlan4 get no DHCP server from this task.
# NOTE(review): because dhcp2 listens on bridge1 itself, a device on any
# bridge port left at the default pvid presumably receives a management
# address. Confirm that only trusted ports stay at the default pvid.
- name: Configure DHCP servers
  community.routeros.api_modify:
    path: ip dhcp-server
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: dhcp1
        comment: 'LAN'
        interface: vlan2
        address-pool: dhcp_pool0
        lease-time: '30m'
      - name: dhcp2
        comment: 'MGMT'
        interface: bridge1
        address-pool: dhcp_pool1
        lease-time: '30m'

# Options announced to DHCP clients. LAN clients get the router
# (192.168.0.1) as both gateway and DNS server. MGMT clients get
# 192.168.255.10 as gateway and, through dns-none, no DNS server at all.
- name: Configure DHCP networks
  community.routeros.api_modify:
    path: ip dhcp-server network
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - address: '192.168.0.0/24'
        gateway: '192.168.0.1'
        dns-server: '192.168.0.1'
      - address: '192.168.255.0/24'
        gateway: '192.168.255.10'
        dns-none: true

# TODO: IPv6 pools are useful with a dynamic prefix, which we do not have,
# so this task can be removed now.
# Until then it keeps one pool, pool1, that carves /64 prefixes out of the
# static /48. The prefix is quoted because of the colons it contains.
- name: Configure IPv6 pools
  community.routeros.api_modify:
    path: ipv6 pool
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - name: pool1
        prefix: '2001:470:61a3::/48'
        prefix-length: 64

# Global DNS settings. The empty find matches the settings entry of this
# path, and values are then written onto it.
# allow-remote-requests: true makes the router answer DNS queries from
# other hosts; the LAN DHCP network points clients at 192.168.0.1, so the
# LAN depends on it.
# NOTE(review): this setting is not limited to the LAN by itself. Unless
# the firewall input chain drops DNS (TCP/UDP 53) arriving on the wan
# interfaces, the resolver is reachable from the internet. No firewall
# task is visible in this part of the playbook - confirm one exists.
- name: Configure DNS
  community.routeros.api_find_and_modify:
    path: ip dns
    ignore_dynamic: false
    find: {}
    values:
      servers: '1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001'
      cache-size: 20480
      allow-remote-requests: true

# Turns the NAT-PMP service on router-wide; the interfaces it acts on are
# set by the NAT-PMP interfaces task.
# NOTE(review): NAT-PMP lets hosts on internal interfaces request inbound
# port mappings without authentication. Keep it enabled only if a client
# needs it, and review the mappings it creates.
- name: Configure NAT-PMP global settings
  community.routeros.api_find_and_modify:
    path: ip nat-pmp
    ignore_dynamic: false
    find: {}
    values:
      enabled: true

# NAT-PMP roles per interface: requests are accepted on dockers and vlan2
# (internal) and mapped onto pppoe-gpon (external). lte1 and sit1 are not
# listed. Entries missing from data are removed from the router.
# NOTE(review): dockers is the container bridge, so a container there can
# ask for ports to be opened towards the internet - confirm this is
# intended rather than carried over from the export.
- name: Configure NAT-PMP interfaces
  community.routeros.api_modify:
    path: ip nat-pmp interfaces
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - type: internal
        interface: dockers
      - type: external
        interface: pppoe-gpon
      - type: internal
        interface: vlan2

# Turns the UPnP service on router-wide; the interfaces it acts on are set
# by the UPnP interfaces task.
# NOTE(review): UPnP accepts unauthenticated port-mapping requests from
# hosts on internal interfaces. Only enabled is managed here, so the other
# UPnP options stay as they are on the router - review them, and keep the
# service on only if a client needs it.
- name: Configure UPnP global settings
  community.routeros.api_find_and_modify:
    path: ip upnp
    ignore_dynamic: false
    find: {}
    values:
      enabled: true

# UPnP roles per interface, matching the NAT-PMP interface task: dockers
# and vlan2 are internal, pppoe-gpon is external. Entries missing from
# data are removed from the router.
# NOTE(review): as with NAT-PMP, listing dockers as internal lets hosts on
# the container bridge request inbound mappings on the PPPoE uplink -
# confirm this is intended.
- name: Configure UPnP interfaces
  community.routeros.api_modify:
    path: ip upnp interfaces
    handle_absent_entries: remove
    handle_entries_content: remove_as_much_as_possible
    ensure_order: true
    data:
      - type: internal
        interface: dockers
      - type: external
        interface: pppoe-gpon
      - type: internal
        interface: vlan2

- name: Configure IPv6 ND defaults
|
|
community.routeros.api_find_and_modify:
|
|
ignore_dynamic: false
|
|
path: ipv6 nd
|
|
find:
|
|
default: true
|
|
values:
|
|
advertise-dns: true
|