reverting b/c symbolic link doesn't work :-|

playbooks/network/configlet_logging.yml

@@ -0,0 +1,33 @@
+---
+- hosts: ios
+  gather_facts: no
+
+  vars:
+
+    log_servers:
+      - logging 10.10.10.10
+      - logging 10.10.10.11
+
+
+  tasks:
+
+  - name: "GET CONFIG"
+    ios_command:
+      commands:
+        - show running-config full | include logging [0-9]+\.[0-9]+\.[0-9]+\.[0-9]+
+    register: log
+
+  - name: RUN 'Set Logging'
+    ios_config:
+      commands: "{{ item }}"
+    loop: "{{ log_servers }}"
+    register: set_logging
+
+  - debug: var=log.stdout_lines
+
+  - name: RUN 'Remove Logging'
+    ios_config:
+      commands: "no {{ item }}"
+    when:  "(log.stdout_lines[0][0] != '') and (item not in log_servers)"
+    loop: "{{ log.stdout_lines[0] }}"
+    register: remove_logging

playbooks/network/configlet_ntp.yml

@@ -0,0 +1,37 @@
+---
+- hosts: ios
+  gather_facts: no
+
+
+  vars:
+
+    ntp_servers:
+      - ntp server 10.10.10.13
+      - ntp server 10.10.10.14
+
+
+
+  tasks:
+
+  - name: "GET CONFIG"
+    ios_command:
+      commands:
+        - "show running-config full | include ntp server"
+    register: get_config
+
+  - debug: var=get_config.stdout_lines
+
+  - name: RUN 'Set NTP'
+    with_items: "{{ ntp_servers }}"
+    ios_config:
+      lines:
+          - "{{ item }}"
+    register: set_ntp
+
+  - name: RUN 'Remove NTP'
+    when: "(get_config.stdout_lines[0][0] != '') and (item not in ntp_servers)"
+    with_items: "{{ get_config.stdout_lines[0] }}"
+    register: remove_ntp
+    ios_config:
+      lines:
+        - "no {{ item }}"

playbooks/network/configlet_vtyacl.yml

@@ -0,0 +1,60 @@
+---
+- name: CORRECT VTY-ACL ON CISCO DEVICES
+  hosts: cisco
+  connection: network_cli
+  gather_facts: no
+
+  tasks:
+
+    - name: SAVE RUNNING-CONFIG TO NVRAM FOR RECOVERY IF NEEDED
+      ios_config:
+        save_when: always
+
+    - name: Set the task_status var
+      set_fact:
+        task_status: "OK"
+
+    - block:
+      - name: UPDATE VTY-ACL ACCESS LIST
+        ios_config:
+          parents: ip access-list extended VTY-ACL
+          lines:
+            - permit tcp host {{ hostvars['ansible-1'].ansible_host }} any eq 22
+            - permit tcp 172.16.0.0 0.15.255.255 any eq 22
+            - permit tcp 192.168.0.0 0.0.255.255 any eq 22
+            - permit tcp 10.0.0.0 0.255.255.255 any eq 22 log-input
+            - deny   ip any any log-input
+          match: exact
+          replace: block
+          before:
+            - line vty 0 15
+            - NO access-class VTY-ACL in
+            - NO ip access-list extended VTY-ACL
+          after:
+            - line vty 0 15
+            - access-class VTY-ACL in
+
+      - name: CHECK IF SSH IS STILL ACCESSIABLE FROM NETWORK
+        wait_for:
+          host: "{{ inventory_hostname }}"
+          port: 22
+          state: started
+          delay: 2
+          timeout: 6
+        ignore_errors: no
+        
+
+      - name: SSH TEST SUCCESSFUL.  SAVING RUNNING-CONFIG
+        ios_config:
+          save_when: always
+
+      rescue:
+        - name: UPDATE FAILED. ROLLING BACK CONFIG
+          ios_command:
+            commands:
+                - configure replace nvram:startup-config force
+        - set_fact:
+            task_status: "ERROR"
+
+      when: task_status == 'OK'
+