diff --git a/mikrotikbackup_clean.yml b/mikrotikbackup_clean.yml index 92ce03c..dd90e9a 100644 --- a/mikrotikbackup_clean.yml +++ b/mikrotikbackup_clean.yml @@ -1,9 +1,13 @@ +--- - name: Backup and/or Upgrade MikroTik hosts: mikrotik_routers gather_facts: no + serial: 10 vars: backup_dir: /opt/mikrotik_backups/ + checkmk_url: "http://checkmk-server/mysite/check_mk/api/1.0/domain-types/service/collections/all" + checkmk_service_description: "MikroTik Backup/Upgrade" tasks: @@ -17,7 +21,7 @@ tags: always - name: Parse router name - set_fact: + ansible.builtin.set_fact: router_name: "{{ identity_raw.stdout[0].split(': ')[1] | trim }}" tags: always @@ -25,10 +29,11 @@ ansible.builtin.command: date +%Y-%m-%d_%H-%M-%S register: date_out delegate_to: localhost + changed_when: false tags: always - name: Set timestamp fact - set_fact: + ansible.builtin.set_fact: ts: "{{ date_out.stdout }}" tags: always @@ -53,9 +58,16 @@ ansible.builtin.copy: content: "{{ export_cfg.stdout[0] }}" dest: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc" + mode: "0600" delegate_to: localhost tags: backup + - name: Mark backup success + ansible.builtin.set_fact: + backup_ok: true + backup_file: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc" + tags: backup + # ---------------------------- # Upgrade (tag: upgrade) # ---------------------------- @@ -66,43 +78,145 @@ tags: upgrade - name: Parse installed and latest versions - set_fact: - installed_version: "{{ update_check.stdout[0] | regex_search('installed-version: ([\\d.]+)', '\\1') | first }}" - latest_version: "{{ update_check.stdout[0] | regex_search('latest-version: ([\\d.]+)', '\\1') | first }}" + ansible.builtin.set_fact: + installed_version: >- + {{ + ( + update_check.stdout[0] + | regex_search('installed-version: ([^\\s]+)', '\\1') + | default([]) + ) | first | default('unknown') + }} + latest_version: >- + {{ + ( + update_check.stdout[0] + | regex_search('latest-version: ([^\\s]+)', '\\1') + | default([]) + ) | first | default('unknown') + }} + tags: upgrade + + - name: Set upgrade-needed fact + ansible.builtin.set_fact: + upgrade_needed: >- + {{ + installed_version != 'unknown' + and latest_version != 'unknown' + and installed_version != latest_version + }} tags: upgrade - name: Skip upgrade if already on latest ansible.builtin.debug: msg: "Router {{ router_name }} is already on latest version {{ installed_version }}. Skipping upgrade." - when: installed_version == latest_version + when: not upgrade_needed tags: upgrade - name: Trigger package download and install community.routeros.command: commands: /system package update install register: upgrade_result - when: installed_version != latest_version + when: upgrade_needed tags: upgrade - name: Wait for router to come back online after reboot ansible.builtin.wait_for_connection: delay: 180 - timeout: 300 + timeout: 600 sleep: 10 when: - - installed_version != latest_version - - upgrade_result is not failed + - upgrade_needed + - upgrade_result is succeeded tags: upgrade - name: Confirm upgraded version community.routeros.command: commands: /system resource print register: post_upgrade_info - when: installed_version != latest_version + when: upgrade_needed + tags: upgrade + + - name: Parse post-upgrade version + ansible.builtin.set_fact: + post_upgrade_version: >- + {{ + ( + post_upgrade_info.stdout[0] + | regex_search('version: ([^\\s]+)', '\\1') + | default([]) + ) | first | default('unknown') + }} + when: upgrade_needed tags: upgrade - name: Show post-upgrade RouterOS version ansible.builtin.debug: - msg: "{{ post_upgrade_info.stdout[0] | regex_search('version: .+') }}" - when: installed_version != latest_version - tags: upgrade \ No newline at end of file + msg: "Router {{ router_name }} upgraded to version {{ post_upgrade_version }}" + when: upgrade_needed + tags: upgrade + + # ---------------------------- + # Build Checkmk status + # ---------------------------- + - name: Build Checkmk result when no upgrade was needed + ansible.builtin.set_fact: + cmk_state: 0 + cmk_output: >- + OK - router={{ router_name }} + backup=ok + installed={{ installed_version }} + latest={{ latest_version }} + upgrade_needed=no + backup_file={{ backup_file | default('n/a') }} + backup_ts={{ ts }} + when: not upgrade_needed + tags: always + + - name: Build Checkmk result when upgrade succeeded + ansible.builtin.set_fact: + cmk_state: "{{ 0 if post_upgrade_version == latest_version else 2 }}" + cmk_output: >- + {{ 'OK' if post_upgrade_version == latest_version else 'CRIT' }} - + router={{ router_name }} + backup=ok + installed_before={{ installed_version }} + latest={{ latest_version }} + upgrade_needed=yes + upgraded_to={{ post_upgrade_version }} + backup_file={{ backup_file | default('n/a') }} + backup_ts={{ ts }} + when: upgrade_needed + tags: always + + # ---------------------------- + # Push result to Checkmk + # ---------------------------- + - name: Send result to Checkmk + delegate_to: localhost + ansible.builtin.uri: + url: "{{ checkmk_url }}" + method: POST + headers: + Authorization: "Bearer {{ lookup('env', 'CHECKMK_TOKEN') }}" + Accept: "application/json" + Content-Type: "application/json" + body_format: json + body: + host_name: "{{ router_name }}" + service_description: "{{ checkmk_service_description }}" + state: "{{ cmk_state | int }}" + output: "{{ cmk_output }}" + return_content: true + status_code: + - 200 + - 201 + - 204 + register: checkmk_result + failed_when: false + tags: always + + - name: Show Checkmk response + ansible.builtin.debug: + var: checkmk_result + tags: always \ No newline at end of file