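---
# Configures a Meraki MX appliance and one wireless SSID through the
# cisco.meraki collection: VLANs, per-VLAN DHCP, MX port roles and the SSID.
#
# Review notes:
#   * No Dashboard API key appears in this file; it is presumably supplied
#     outside the playbook (for example via the environment) - confirm.
#   * The Wi-Fi PSK is read from the WIFI_PSK environment variable, and the
#     SSID task sets no_log so the key is not echoed into task output.
#   * This playbook only creates VLANs; it sets no inter-VLAN firewall rules.
#     Verify that isolation of the IoT and DMZ VLANs is enforced elsewhere.
- name: Configure Meraki MX VLANs, ports and wireless SSID
  hosts: localhost
  gather_facts: false

  vars:
    # Set to true to run the informational "Show ..." tasks.
    debug: false

    nid: L_671599294431642401  # TaintonNet

    # VLAN N is addressed as 192.168.N.0/24 with the MX at 192.168.N.1
    # (see "Create VLANs on MX"). dhcp selects whether the MX serves DHCP.
    vlans:
      - id: 1
        name: Default
        dhcp: false
      - id: 5
        name: Native
        dhcp: false
      - id: 6
        name: CiscoEquip
        dhcp: true
      - id: 10
        name: Infra
        dhcp: true
      - id: 25
        name: Trusted Clients
        dhcp: true
      - id: 35
        name: IoT
        dhcp: true
      - id: 40
        name: DMZ
        dhcp: true

    # Desired state per MX LAN port. Entries with enabled: false are shut
    # by "Disable Inactive MX Ports" whatever their type/vlan say.
    mx_ports:
      # Hive Home
      - num: 3
        enabled: true
        type: access
        vlan: 35
      # Synology NAS
      - num: 4
        enabled: true
        type: access
        vlan: 10
      # Unused ports, kept administratively disabled
      - num: 5
        enabled: false
      - num: 6
        enabled: false
      - num: 7
        enabled: false
      - num: 8
        enabled: false
      - num: 9
        enabled: false
      - num: 10
        enabled: false
      # Cisco HWB AP (currently disabled)
      - num: 11
        enabled: false
        type: access
        vlan: 6
      # Trunk; vlan is the native VLAN
      - num: 12
        enabled: true
        type: trunk
        vlan: 5
        # Quoted so the comma-separated list is always read as a string.
        allowed_vlans: "6,10,25,35,40"

  tasks:
    - name: Get Me
      cisco.meraki.administered_identities_me_info:
        meraki_suppress_logging: true
      register: me
      when: debug

    - name: Show current Meraki administrator
      ansible.builtin.debug:
        msg: "{{ me.meraki_response.name }} - {{ me.meraki_response.email }}"
      when: debug

    - name: Get all Organizations
      cisco.meraki.organizations_info:
        meraki_suppress_logging: true
      register: organizations

    - name: Show Organizations List
      ansible.builtin.debug:
        msg: "{{ organizations | json_query('meraki_response[*].name') }}"
      when: debug

    - name: Enable Vlans on the MX
      cisco.meraki.networks_appliance_vlans_settings:
        state: present
        networkId: "{{ nid }}"
        vlansEnabled: true

    - name: Show VLANs
      ansible.builtin.debug:
        msg: "{{ vlans }}"
      when: debug

    - name: Create VLANs on MX
      cisco.meraki.networks_appliance_vlans:
        state: present
        applianceIp: "192.168.{{ item.id }}.1"
        # cidr: "192.168.{{ item.id }}.0/24"
        id: "{{ item.id }}"
        vlanId: "{{ item.id }}"
        name: "{{ item.name }}"
        networkId: "{{ nid }}"
        subnet: "192.168.{{ item.id }}.0/24"
      loop: "{{ vlans }}"

    - name: Enable DHCP on Relevant VLANs
      cisco.meraki.networks_appliance_vlans:
        state: present
        networkId: "{{ nid }}"
        name: "{{ item.name }}"
        id: "{{ item.id }}"
        vlanId: "{{ item.id }}"
        dhcpHandling: "Run a DHCP server"
        dhcpLeaseTime: "1 day"
        # One resolver address per line.
        dnsNameservers: |
          9.9.9.9
          149.112.112.112
      loop: "{{ vlans }}"
      when: item.dhcp

    - name: Disable DHCP on Relevant VLANs
      cisco.meraki.networks_appliance_vlans:
        state: present
        networkId: "{{ nid }}"
        name: "{{ item.name }}"
        id: "{{ item.id }}"
        vlanId: "{{ item.id }}"
        dhcpHandling: "Do not respond to DHCP requests"
      loop: "{{ vlans }}"
      when: not item.dhcp

    - name: Configure MX Trunk Ports
      cisco.meraki.networks_appliance_ports:
        state: present
        networkId: "{{ nid }}"
        portId: "{{ item.num }}"
        enabled: true
        type: trunk
        vlan: "{{ item.vlan }}"  # Native VLAN
        allowedVlans: "{{ item.allowed_vlans }}"
        # Untagged frames are accepted on the trunk (into the native VLAN
        # above), so that VLAN should carry nothing sensitive.
        dropUntaggedTraffic: false
      loop: "{{ mx_ports }}"
      when: item.enabled and item.type == "trunk"

    - name: Configure MX Access Ports
      cisco.meraki.networks_appliance_ports:
        state: present
        networkId: "{{ nid }}"
        portId: "{{ item.num }}"
        enabled: true
        # "open" applies no port authentication: whatever is plugged into
        # the port joins the assigned VLAN.
        accessPolicy: open
        type: access
        vlan: "{{ item.vlan }}"
      loop: "{{ mx_ports }}"
      when: item.enabled and item.type == "access"

    - name: Disable Inactive MX Ports
      cisco.meraki.networks_appliance_ports:
        state: present
        networkId: "{{ nid }}"
        portId: "{{ item.num }}"
        enabled: false
      loop: "{{ mx_ports }}"
      when: not item.enabled

    - name: Configure Wireless SSID
      cisco.meraki.networks_wireless_ssids:
        state: present
        networkId: "{{ nid }}"
        number: "2"
        name: Tainton Test WiFi
        enabled: true
        authMode: psk
        # Clients are bridged and tagged into VLAN 35 (IoT in vars.vlans).
        defaultVlanId: 35
        dot11w:  # PMF: offered to clients but not mandatory
          enabled: true
          required: false
        dot11r:  # Fast Roam, not required as we only have 1 AP
          enabled: false
          # adaptive: true
        encryptionMode: wpa
        # default=undef() leaves psk undefined when WIFI_PSK is unset, so
        # the task errors out rather than pushing an empty key.
        psk: "{{ lookup('ansible.builtin.env', 'WIFI_PSK', default=undef()) }}"
        visible: true
        # Transition mode also admits WPA2 clients alongside WPA3.
        wpaEncryptionMode: WPA3 Transition Mode
        availableOnAllAps: true
        enterpriseAdminAccess: "access enabled"
        ipAssignmentMode: "Bridge mode"
        # Wireless clients on this SSID can reach each other on the LAN.
        lanIsolationEnabled: false
        mandatoryDhcpEnabled: false
        splashPage: "None"
        useVlanTagging: true
      # Keep the PSK out of console output, callbacks and logs, including
      # verbose runs and failures. Lift only temporarily when debugging.
      no_log: true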