111 lines
3.4 KiB
YAML
111 lines
3.4 KiB
YAML
- name: Backup MikroTik config (text export only)
|
|
hosts: mikrotik_routers
|
|
gather_facts: no
|
|
|
|
vars:
|
|
backup_dir: /opt/mikrotik_backups/
|
|
|
|
tasks:
|
|
|
|
# ----------------------------
|
|
# Ensure local backup directory
|
|
# ----------------------------
|
|
- name: Ensure local backup directory exists
|
|
ansible.builtin.file:
|
|
path: "{{ backup_dir }}"
|
|
state: directory
|
|
mode: "0755"
|
|
delegate_to: localhost
|
|
|
|
# ----------------------------
|
|
# Get router identity
|
|
# ----------------------------
|
|
- name: Get router identity
|
|
community.routeros.command:
|
|
commands: /system identity print
|
|
register: identity_raw
|
|
tags: always
|
|
|
|
- name: Parse router name
|
|
set_fact:
|
|
router_name: "{{ identity_raw.stdout[0].split(': ')[1] | trim }}"
|
|
tags: always
|
|
|
|
# ----------------------------
|
|
# Timestamp
|
|
# ----------------------------
|
|
- name: Get timestamp
|
|
ansible.builtin.command: date +%Y-%m-%d_%H-%M-%S
|
|
register: date_out
|
|
delegate_to: localhost
|
|
|
|
- name: Set timestamp fact
|
|
set_fact:
|
|
ts: "{{ date_out.stdout }}"
|
|
|
|
# ----------------------------
|
|
# Export config (stable for diff)
|
|
# ----------------------------
|
|
- name: Export router config
|
|
community.routeros.command:
|
|
commands: /export terse show-sensitive
|
|
register: export_cfg
|
|
|
|
# ----------------------------
|
|
# Save export locally
|
|
# ----------------------------
|
|
- name: Save export locally
|
|
ansible.builtin.copy:
|
|
content: "{{ export_cfg.stdout[0] }}"
|
|
dest: "{{ backup_dir }}/{{ router_name }}-{{ ts }}.rsc"
|
|
delegate_to: localhost
|
|
|
|
# ----------------------------
|
|
# Upgrade router (tag: upgraded)
|
|
# ----------------------------
|
|
- name: Check current and latest available package versions
|
|
community.routeros.command:
|
|
commands: /system package update check-for-updates
|
|
register: update_check
|
|
tags: upgraded
|
|
|
|
- name: Parse installed and latest versions
|
|
set_fact:
|
|
installed_version: "{{ update_check.stdout[0] | regex_search('installed-version: ([\\d.]+)', '\\1') | first }}"
|
|
latest_version: "{{ update_check.stdout[0] | regex_search('latest-version: ([\\d.]+)', '\\1') | first }}"
|
|
tags: upgraded
|
|
|
|
- name: Skip upgrade if already on latest
|
|
ansible.builtin.debug:
|
|
msg: "Router {{ router_name }} is already on latest version {{ installed_version }}. Skipping upgrade."
|
|
when: installed_version == latest_version
|
|
tags: upgraded
|
|
|
|
- name: Trigger package download and install
|
|
community.routeros.command:
|
|
commands: /system package update install
|
|
register: upgrade_result
|
|
when: installed_version != latest_version
|
|
tags: upgraded
|
|
|
|
- name: Wait for router to come back online after reboot
|
|
ansible.builtin.wait_for_connection:
|
|
delay: 30
|
|
timeout: 180
|
|
when:
|
|
- installed_version != latest_version
|
|
- upgrade_result is not failed
|
|
tags: upgraded
|
|
|
|
- name: Confirm upgraded version
|
|
community.routeros.command:
|
|
commands: /system resource print
|
|
register: post_upgrade_info
|
|
when: installed_version != latest_version
|
|
tags: upgraded
|
|
|
|
- name: Show post-upgrade RouterOS version
|
|
ansible.builtin.debug:
|
|
msg: "{{ post_upgrade_info.stdout[0] | regex_search('version: .+') }}"
|
|
when: installed_version != latest_version
|
|
tags: upgraded |