fortios need host, username, password in every "- name"

Archives Ansible Project
1

Hi,

I have playbook for fortios and working.
But is that possible

  1. I don’t want to put password in playbook, but put that in group_vars/forti.yml
  2. In cisco I can apply playbook to group name in hosts
    i.e.

cat playbooks/cisco.yml

2

In group_vars/forti.yml you can have any variable you like, so lets say forti_password.

group_vars/forti.yml

3

also check out ansible vault

4

QUESTION1: SOLVED
QUESTION2: Here my goal
I have 2 fortigate (fgt1 and fgt2 with their respective ip)
I want to backup both using 1 group name “forti” instead issuing 1 backup task to each fgt1 and fgt2
Is that possible?
tq

cat hosts

[forti]

fgt1 ansible_host=10.0.10.123
fgt2 ansible_host=10.0.10.124

cat group_vars/forti.yml

5

have you run it this way yet? it should do both host in that group

6

with this setting, I got this erro

cat playbooks/forti.yml

7

are you able to connect to it regularly? at the end you can see this error

},
“msg”: “Error connecting device”

8

PROBLEMS:
-with working playbook.
backup applied on both fgt1 and fgt2 but
address (LAN) and policy task (LAN2WAN DNS) only applied on fgt1

WORKING

cat forti.yml

9

Your host n the module need to different for each host so use the variable ansible_host or inventory_hostanme.

10

SOLVED
tq

11

Hello,

how did you managed to make it work?