87 lines
3.2 KiB
YAML
87 lines
3.2 KiB
YAML
---
|
|
|
|
- name: Scan subnet - {{ subnet.address }}
|
|
ansible.builtin.command:
|
|
cmd: nmap -sn "{{ subnet.address }}" -oX -
|
|
become: true
|
|
register: nmap_scan
|
|
|
|
|
|
- name: Get subnets Address'
|
|
ansible.builtin.include_tasks:
|
|
file: tasks/api_call.yaml
|
|
vars:
|
|
api_client_name: "{{ nofusscomputing_phpipam_scan_agent.client_name }}"
|
|
api_token: "{{ nofusscomputing_phpipam_scan_agent.client_token }}"
|
|
api_path: "{{ api_address }}"
|
|
api_query_string: "filter_by=subnetId&filter_value={{ subnet.id }}"
|
|
|
|
|
|
- name: Load Subnet - {{ subnet.address }}
|
|
ansible.builtin.set_fact:
|
|
cached_subnet: "{{ lookup('file', cache_filepath) }}"
|
|
cacheable: false
|
|
no_log: true
|
|
when: >
|
|
api_call.status | default(0) | int != 404
|
|
|
|
|
|
- name: Process Scan Results - {{ subnet.address }}
|
|
ansible.builtin.set_fact:
|
|
subnet_scan_results: |-
|
|
[
|
|
{% for scanned_host in ((nmap_scan.stdout | ansible.utils.from_xml) | from_yaml).nmaprun.host | default([]) %}
|
|
{% if
|
|
scanned_host.address[0]['@addrtype'] | default('') == 'ipv4'
|
|
or
|
|
scanned_host.address['@addrtype'] | default('') == 'ipv4'
|
|
%}
|
|
{
|
|
{% for cached_host in cached_subnet | default([]) -%}
|
|
{%- if cached_host.ip == scanned_host.address['@addr'] | default(scanned_host.address[0]['@addr']) -%}
|
|
"id": {{ cached_host.id }},
|
|
{%- endif -%}
|
|
{%- endfor %}
|
|
"subnetId": "{{ subnet.id }}",
|
|
"ip": "{{ scanned_host.address['@addr'] | default(scanned_host.address[0]['@addr']) }}",
|
|
"lastSeen": "{{ nmap_scan.start }}",
|
|
{% if scanned_host.hostnames.hostname is defined %}
|
|
{% if '.' in scanned_host.hostnames.hostname['@name'] | string %}
|
|
"hostname": "{{ (scanned_host.hostnames.hostname['@name'] | split('.'))[0] }}",
|
|
{% else %}
|
|
"hostname": "{{ scanned_host.hostnames.hostname['@name'] }}",
|
|
{% endif %}
|
|
{% endif %}
|
|
{% if scanned_host.address['@addrtype'] | default(scanned_host.address[1]['@addrtype']) == 'mac' %}
|
|
"mac": "{{ scanned_host.address['@addr'] | default(scanned_host.address[1]['@addr']) | upper }}"
|
|
{% endif %}
|
|
},
|
|
{% endif %}
|
|
{% endfor %}
|
|
]
|
|
|
|
- name: To JSON - {{ subnet.address }}
|
|
ansible.builtin.set_fact:
|
|
subnet_scan_results: "{{ subnet_scan_results | from_yaml }}"
|
|
|
|
|
|
# Note: Dont edit http_agent version as the build pipeline updates automagically!!
|
|
# see ci variable 'RELEASE_ADDITIONAL_ACTIONS_BUMP'
|
|
- name: Upload Scan Results - {{ subnet.address }}
|
|
ansible.builtin.uri:
|
|
headers:
|
|
Authorization: "Bearer {{ nofusscomputing_phpipam_scan_agent.auth_token | default('no-token-set') }}"
|
|
http_agent: nfc-phpipam-scan-agent/0.2.0-a2
|
|
url: "{{
|
|
nofusscomputing_phpipam_scan_agent.http_server | default(nfc_c_http_server)
|
|
}}:{{ nofusscomputing_phpipam_scan_agent.http_port | default(nfc_c_http_port) }}/"
|
|
method: POST
|
|
body_format: json
|
|
body: {
|
|
"code": "{{ nofusscomputing_phpipam_scan_agent.scanagent_code }}",
|
|
"scan": {
|
|
"subnet": "{{ subnet.address }}",
|
|
"results": "{{ subnet_scan_results }}"
|
|
}
|
|
}
|