From 1f99b159dc029814aa4c1103b7dd73085fc05b34 Mon Sep 17 00:00:00 2001 From: "martin.fencl" Date: Wed, 18 Feb 2026 21:22:50 +0100 Subject: [PATCH] change mt backup --- mikrotikbackup.yml | 83 ++++++++++++++++++++---------------------- old/mikrotikbackup.yml | 62 +++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+), 43 deletions(-) create mode 100644 old/mikrotikbackup.yml diff --git a/mikrotikbackup.yml b/mikrotikbackup.yml index b558ad7..328c6a4 100644 --- a/mikrotikbackup.yml +++ b/mikrotikbackup.yml @@ -1,62 +1,59 @@ -- hosts: mikrotiks +- name: Backup MikroTik config (text export only) + hosts: mikrotik_routers gather_facts: no + + vars: + backup_dir: /opt/mikrotik_backups/ + tasks: - - name: Set SSH port (default to 22) - set_fact: - ansible_port: "{{ ansible_port | default(22) }}" - - name: Ensure output directory exists + # ---------------------------- + # Ensure local backup directory + # ---------------------------- + - name: Ensure local backup directory exists ansible.builtin.file: - path: /opt/mikrotik_backups + path: "{{ backup_dir }}" state: directory - mode: '0755' + mode: "0755" delegate_to: localhost + # ---------------------------- + # Get router identity + # ---------------------------- - name: Get router identity - shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system identity print" - register: system_identity - delegate_to: localhost - failed_when: system_identity.rc != 0 and system_identity.rc != 124 # 124 = timeout + community.routeros.command: + commands: /system identity print + register: identity_raw - - name: Set router name + - name: Parse router name set_fact: - router_name: "{{ system_identity.stdout.split(': ')[1] | trim }}" - when: system_identity.rc == 0 + router_name: "{{ identity_raw.stdout[0].split(': ')[1] | trim }}" - - name: Generate current date - ansible.builtin.shell: date +%Y-%m-%d - register: date_output + # ---------------------------- + # Timestamp + # ---------------------------- + - name: Get timestamp + ansible.builtin.command: date +%Y-%m-%d_%H-%M-%S + register: date_out delegate_to: localhost - - name: Set current date + - name: Set timestamp fact set_fact: - current_date: "{{ date_output.stdout }}" + ts: "{{ date_out.stdout }}" + # ---------------------------- + # Export config (stable for diff) + # ---------------------------- - name: Export router config - shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/export" - register: export_output - delegate_to: localhost - when: system_identity.rc == 0 - failed_when: export_output.rc != 0 and export_output.rc != 124 + community.routeros.command: + commands: /export terse show-sensitive + register: export_cfg - - name: Save export to local file + # ---------------------------- + # Save export locally + # ---------------------------- + - name: Save export locally ansible.builtin.copy: - content: "{{ export_output.stdout }}" - dest: "/opt/mikrotik_backups/{{ router_name }}-{{ current_date }}.config" + content: "{{ export_cfg.stdout[0] }}" + dest: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc" delegate_to: localhost - when: export_output.rc == 0 - - - name: Create binary backup on router - shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system backup save name={{ router_name }}-{{ current_date }}-backup" - delegate_to: localhost - when: system_identity.rc == 0 - - - name: Download binary backup - shell: timeout 15 scp -o StrictHostKeyChecking=no -P {{ ansible_port }} {{ ansible_user }}@{{ ansible_host }}:{{ router_name }}-{{ current_date }}-backup.backup /opt/mikrotik_backups/ - delegate_to: localhost - when: system_identity.rc == 0 - - - name: Remove backup file from router - shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/file remove {{ router_name }}-{{ current_date }}-backup.backup" - delegate_to: localhost - when: system_identity.rc == 0 diff --git a/old/mikrotikbackup.yml b/old/mikrotikbackup.yml new file mode 100644 index 0000000..b558ad7 --- /dev/null +++ b/old/mikrotikbackup.yml @@ -0,0 +1,62 @@ +- hosts: mikrotiks + gather_facts: no + tasks: + - name: Set SSH port (default to 22) + set_fact: + ansible_port: "{{ ansible_port | default(22) }}" + + - name: Ensure output directory exists + ansible.builtin.file: + path: /opt/mikrotik_backups + state: directory + mode: '0755' + delegate_to: localhost + + - name: Get router identity + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system identity print" + register: system_identity + delegate_to: localhost + failed_when: system_identity.rc != 0 and system_identity.rc != 124 # 124 = timeout + + - name: Set router name + set_fact: + router_name: "{{ system_identity.stdout.split(': ')[1] | trim }}" + when: system_identity.rc == 0 + + - name: Generate current date + ansible.builtin.shell: date +%Y-%m-%d + register: date_output + delegate_to: localhost + + - name: Set current date + set_fact: + current_date: "{{ date_output.stdout }}" + + - name: Export router config + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/export" + register: export_output + delegate_to: localhost + when: system_identity.rc == 0 + failed_when: export_output.rc != 0 and export_output.rc != 124 + + - name: Save export to local file + ansible.builtin.copy: + content: "{{ export_output.stdout }}" + dest: "/opt/mikrotik_backups/{{ router_name }}-{{ current_date }}.config" + delegate_to: localhost + when: export_output.rc == 0 + + - name: Create binary backup on router + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/system backup save name={{ router_name }}-{{ current_date }}-backup" + delegate_to: localhost + when: system_identity.rc == 0 + + - name: Download binary backup + shell: timeout 15 scp -o StrictHostKeyChecking=no -P {{ ansible_port }} {{ ansible_user }}@{{ ansible_host }}:{{ router_name }}-{{ current_date }}-backup.backup /opt/mikrotik_backups/ + delegate_to: localhost + when: system_identity.rc == 0 + + - name: Remove backup file from router + shell: timeout 15 ssh -o StrictHostKeyChecking=no {{ ansible_user }}@{{ ansible_host }} -p {{ ansible_port }} "/file remove {{ router_name }}-{{ current_date }}-backup.backup" + delegate_to: localhost + when: system_identity.rc == 0