It's been a while since the original post, but I stumbled across this today as I was also wondering if anyone has experience with this. I think Ansible is a good
I have set up Ansible for an RT-N66U running legacy Merlin 380.70-0 a while. The setup was quite straightforward: I already had entware on the system, and I just needed to install a number of packages to get it to work. I found a rather small set of packages that is needed to make things run, and a newer router should have even less problems to run it - see below for more info.
The reason why I was looking for ASUSWRT-Merlin and Ansible is that I Ansible now supports
networking devices that do not run Python by running CLI commands through ssh. The ASUSWRT `nvram` command would be a good candidate, and a lot of basic settings could be automated without the need for entware, Python, and maybe even with the stock ASUSWRT firmware. I am thinking about setting this up, and wanted to see if there is experience and/or interest in using Ansible for ASUSWRT and small networks. I think it's a natural choice, and I like having my router configuration in a git repository alongside all other computer setup I have - although I do wonder if it's overkill...
Some details of the implementation:
I had to install these opkg packages: python-light python-logging python-openssl python-codecs openssh-sftp-server python-distutils. I even wrote a small playbook to set this up, but that this playbook does not set up of entware on the system. I don't remember why I installed python-distutils in a second call to opkg, it might work in a single call.
Code:
- name: bootstrap WRT routers
hosts: asuswrt
gather_facts: False
tasks:
- name: update entware package information
raw: opkg update
- name: install python for ansible
raw: >
opkg install
python-light python-logging python-openssl python-codecs
openssh-sftp-server
- name: install python modules for ansible
opkg:
name: python-distutils
state: present
update_cache: yes
An important feature is to use the `nvram` command to change all the router settings, as an alternative to the web interface. I wrote a little shell script to help with this, and this makes it quite convenient to update e.g. DNS servers. I put this script in library/asuswrt_nvram.sh, and I'm not sure if anything else is needed.
Code:
#!/bin/sh
# wrapper for conditional setting of uci config
# compare http://wiki.openwrt.org/doc/techref/uci
# TODO: add more docs, see http://docs.ansible.com/developing_modules.html
# parameters are command, key, value
source ${1}
unquoted_key="$(echo $key | sed -e s/\'//g)"
unquoted_value="$(echo $value | sed -e s/\'//g)"
# test if we need to apply a change
case $command in
'set')
if [ "$(nvram get "$unquoted_key")" = "$value" ]
then
echo '{"changed": false}'
else
if [ -z "${_ansible_check_mode}" -o "${_ansible_check_mode}" = "False" ]
then
nvram set "${unquoted_key}=${value}"
logger "read nvram: ${unquoted_key}="$(nvram get "${unquoted_key}")
fi
echo '{"changed": true, "msg": "executed: nvram set"}'
#echo "{\"changed\": true, \"msg\": \"executed nvram set \"${unquoted_key}=${value}\"}"
fi
;;
'commit')
#if [ -z "${_ansible_check_mode}" -o "${_ansible_check_mode}" = "False" ]
#then
nvram commit
logger "commit nvram"
#fi
echo '{"changed": true, "msg": "executed: nvram commit"}'
;;
esac
However, a cleaner way would be to use Ansible network automation for this. You can reply to this thread if you are interested in more info.
