From c1358cf16c6278d0ee2179bb68d2e415c0832071 Mon Sep 17 00:00:00 2001 From: Luke Tainton Date: Sat, 10 May 2025 23:25:59 +0100 Subject: [PATCH] Add OpenTofu config files --- .gitea/workflows/ci.yml | 10 +- .gitea/workflows/deploy.yml | 10 +- tf/.terraform.lock.hcl | 25 +++ tf/main.tf | 314 ++++++++++++++++++++++++++++++++++++ 4 files changed, 349 insertions(+), 10 deletions(-) create mode 100644 tf/.terraform.lock.hcl create mode 100644 tf/main.tf diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index c987aee..6bd156c 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -19,25 +19,25 @@ jobs: - name: OpenTofu fmt id: fmt - run: tofu fmt -check + run: tofu -chdir=tf fmt -check continue-on-error: true - name: OpenTofu init id: init - run: tofu init + run: tofu -chdir=tf init - name: OpenTofu validate id: validate - run: tofu validate -no-color + run: tofu -chdir=tf validate -no-color - name: OpenTofu refresh id: validate - run: tofu refresh + run: tofu -chdir=tf refresh continue-on-error: true - name: OpenTofu plan id: plan - run: tofu plan -no-color + run: tofu -chdir=tf plan -no-color continue-on-error: true - name: Post comment to PR diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index abd6b1f..e970160 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -18,20 +18,20 @@ jobs: - name: OpenTofu init id: init - run: tofu init + run: tofu -chdir=tf init - name: OpenTofu validate id: validate - run: tofu validate -no-color + run: tofu -chdir=tf validate -no-color - name: OpenTofu refresh id: validate - run: tofu refresh + run: tofu -chdir=tf refresh - name: OpenTofu plan id: plan - run: tofu plan -no-color -out /tmp/plan.tfplan + run: tofu -chdir=tf plan -no-color -out /tmp/plan.tfplan - name: OpenTofu apply id: apply - run: tofu apply /tmp/plan.tfplan + run: tofu -chdir=tf apply /tmp/plan.tfplan diff --git a/tf/.terraform.lock.hcl b/tf/.terraform.lock.hcl new file mode 100644 index 0000000..4cacea3 --- /dev/null +++ b/tf/.terraform.lock.hcl @@ -0,0 +1,25 @@ +# This file is maintained automatically by "tofu init". +# Manual edits may be lost in future updates. + +provider "registry.opentofu.org/ciscodevnet/meraki" { + version = "1.1.0" + constraints = "1.1.0" + hashes = [ + "h1:sLQbxE9ueN0Tm7+5OIu47nQDlHK+pmc3F8vjTQATI0s=", + "zh:0a56cc0d7546a4c66c86fa984b2cfbf244ddd360c300824dae709ba88138acfd", + "zh:214a25f468ec97060b9d66f09486f81435555163c92e925f3a4398a6dc76925b", + "zh:26f11806106429c03066925a3472ed21d3e6322e713b43671dd78d902fb6a645", + "zh:30490b84c9bc9a1bfc07d9d5e493f79f2d6ce1b1253667a67586e859215eae89", + "zh:3f086e18d6ca640ff866336e8076e94b8c96f3ebe2c533fd92d11e7db56ebbdc", + "zh:44ed546bbff5da1c13e1210f5613240869d2558e6ecb23dcb49ac4884aa771dd", + "zh:51f0a5215511d8d376258d6ce1682a9213397c41f8ca19c0babc3a486a83fac2", + "zh:5ed09cea5ceb71bb8093af3639475cf5cfc718566cc30399decb9b210e010c6b", + "zh:80085b44e01e845e9565d35298caa0db51c640660498f3c4d9e5b231be85189a", + "zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f", + "zh:8c613dff19ba64be144c63842ecf4e4787ca6a25f468ac65dd19cf5e2d3e95f3", + "zh:a670f9de89574009153f9ad91fc57eb3f36032102e2bfc167e942b2de20c5bb5", + "zh:ad5cc84670174caf43e67598db836192c305e1f0c7435ef58ddc6d2a1c2ea829", + "zh:b3123c9eabbb80deb3d95fa943058d1104af751d91de6bb4aaf2d15468850ddc", + "zh:fd25596fe1fbb3a66e2472acf696aaf4795327b906692d794ed6620365a31c3a", + ] +} diff --git a/tf/main.tf b/tf/main.tf new file mode 100644 index 0000000..144a295 --- /dev/null +++ b/tf/main.tf @@ -0,0 +1,314 @@ +# https://search.opentofu.org/provider/ciscodevnet/meraki/latest + +terraform { + required_providers { + meraki = { + source = "ciscodevnet/meraki" + version = "1.1.0" + } + } +} + +provider "meraki" {} + +data "meraki_organization" "TaintonInfrastructureCloud" { + name = "Tainton Infrastructure Cloud" +} + +data "meraki_network" "TaintonNet" { + id = "L_671599294431642401" + organization_id = "537586" + # name = "TaintonNet" +} + + +resource "meraki_network" "TaintonNet" { + organization_id = data.meraki_organization.TaintonInfrastructureCloud.id + name = data.meraki_network.TaintonNet.name + product_types = ["appliance", "camera", "switch", "wireless"] + tags = [] + time_zone = "Europe/London" + notes = "" +} + +resource "meraki_network_firmware_upgrades" "TaintonNet" { + network_id = data.meraki_network.TaintonNet.id + # products_appliance_next_upgrade_to_version_id = "5149" + products_appliance_participate_in_next_beta_release = false + # products_camera_next_upgrade_to_version_id = null + products_camera_participate_in_next_beta_release = false + # products_secure_connect_next_upgrade_to_version_id = null + products_secure_connect_participate_in_next_beta_release = null + # products_switch_next_upgrade_to_version_id = null + products_switch_participate_in_next_beta_release = false + # products_wireless_next_upgrade_to_version_id = null + products_wireless_participate_in_next_beta_release = false + timezone = "Europe/London" + upgrade_window_day_of_week = "saturday" + upgrade_window_hour_of_day = "4:00" +} + +resource "meraki_network_alerts_settings" "TaintonNet" { + network_id = data.meraki_network.TaintonNet.id + muting_by_port_schedules_enabled = false + default_destinations_all_admins = false + default_destinations_snmp = false + default_destinations_emails = ["luke@tainton.uk"] + default_destinations_http_server_ids = [ + "aHR0cHM6Ly9mbG93cy50YWludG9uLnVrL3dlYmhvb2stdGVzdC8xODgwMjlmMy1iYWVmLTQ1NzgtYWMzNy0yNWIzMjM5NTc3ZjM=", + "aHR0cHM6Ly9mbG93cy50YWludG9uLnVrL3dlYmhvb2svMTg4MDI5ZjMtYmFlZi00NTc4LWFjMzctMjViMzIzOTU3N2Yz" + ] + alerts = [ + { + type = "ampMalwareDetected" + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + }, + { + type = "ampMalwareBlocked" + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + filters_timeout = 5 + type = "applianceDown" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "failoverEvent" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "dhcpNoLeases" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "rogueAp" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "rogueDhcp" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "ipConflict" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "ip6Conflict" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "dhcp6naRenumber" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "dhcp6pdRenumber" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "cellularUpDown" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "clientConnectivity" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "vrrp" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "vpnConnectivityChange" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "settingsChanged" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + filters_period = 1200 + filters_threshold = 104857600 + type = "usageAlert" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "weeklyUmbrella" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "prefixStarvation" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + filters_timeout = 5 + type = "gatewayDown" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + type = "gatewayToRepeater" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + filters_timeout = 60 + type = "repeaterDown" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + filters_selector = jsonencode( + { + configs = [ + { + duration = 15 + ssidNum = 0 + threshold = "low" + }, + ] + } + ) + type = "snr" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + filters_selector = jsonencode( + { + configs = [ + { + duration = 120 + ssidNum = 0 + threshold = "high" + }, + ] + } + ) + type = "highWirelessUsage" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = true + filters_selector = jsonencode( + { + configs = [] + eventReminderPeriodSecs = 10800 + smartEnabled = true + smartSensitivity = "medium" + } + ) + type = "onboarding" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "weeklyPresence" + }, + { + alert_destinations_all_admins = false + alert_destinations_emails = [] + alert_destinations_http_server_ids = [] + alert_destinations_snmp = false + enabled = false + type = "uplinkIp6Conflict" + }, + ] +} -- 2.47.2