Claude 1

sophos-xgs-ansible/tests/linting/.yamllint

@@ -0,0 +1,24 @@
+---
+# YAML Lint Configuration
+
+extends: default
+
+rules:
+  line-length:
+    max: 160
+    level: warning
+
+  indentation:
+    spaces: 2
+    indent-sequences: true
+
+  comments:
+    min-spaces-from-content: 2
+
+  truthy:
+    allowed-values: ['true', 'false', 'yes', 'no']
+
+ignore: |
+  .git/
+  collections/
+  tests/sample_config/

sophos-xgs-ansible/tests/linting/ansible-lint.yml

@@ -0,0 +1,17 @@
+---
+# Ansible Lint Configuration
+# Run with: ansible-lint -c tests/linting/ansible-lint.yml
+
+skip_list:
+  - yaml[line-length]  # Allow longer lines in templates
+  - no-changed-when    # Some API calls are difficult to make idempotent
+  - risky-file-permissions  # Handled by role defaults
+
+warn_list:
+  - experimental
+  - jinja[spacing]
+
+exclude_paths:
+  - .git/
+  - .github/
+  - tests/sample_config/

sophos-xgs-ansible/tests/sample_config/fw-sample1.yml

@@ -0,0 +1,100 @@
+---
+# ============================================================================
+# Sample Firewall Configuration 1
+# ============================================================================
+# This is a complete example configuration for testing and reference.
+# All IPs, domains, and credentials are FAKE and for demonstration only.
+# ============================================================================
+
+sophos_mgmt_host: "192.168.100.1"
+sophos_api_username: "admin"
+sophos_api_password: "SampleP@ssw0rd123"
+
+sophos_hostname: "fw-sample1"
+sophos_location: "sample-datacenter"
+
+# Interfaces
+sophos_interfaces:
+  - name: "Port1"
+    zone: "WAN"
+    description: "Internet connection"
+    mode: "static"
+    ip_address: "203.0.113.100"
+    netmask: "255.255.255.248"
+    gateway: "203.0.113.97"
+    enabled: true
+
+  - name: "Port2"
+    zone: "LAN"
+    description: "Internal network"
+    mode: "static"
+    ip_address: "10.100.0.1"
+    netmask: "255.255.255.0"
+    enabled: true
+
+# VLANs
+sophos_vlans:
+  - name: "VLAN10-Servers"
+    vlan_id: 10
+    parent_interface: "Port2"
+    zone: "LAN"
+    ip_address: "10.100.10.1"
+    netmask: "255.255.255.0"
+    enabled: true
+
+# DHCP
+sophos_dhcp_servers:
+  - name: "DHCP-LAN"
+    interface: "Port2"
+    enabled: true
+    start_ip: "10.100.0.100"
+    end_ip: "10.100.0.200"
+    netmask: "255.255.255.0"
+    gateway: "10.100.0.1"
+    dns_servers: ["8.8.8.8", "8.8.4.4"]
+    lease_time: 86400
+
+# Firewall Rules
+sophos_firewall_rules:
+  - name: "Allow-LAN-to-Internet"
+    source_zones: ["LAN"]
+    dest_zones: ["WAN"]
+    source_networks: ["any"]
+    dest_networks: ["any"]
+    services: ["HTTP", "HTTPS", "DNS"]
+    action: "accept"
+    log: false
+    enabled: true
+
+# Site-to-Site VPN
+sophos_site_to_site_vpns:
+  - name: "Sample-VPN"
+    enabled: true
+    local_gateway: "203.0.113.100"
+    local_networks: ["10.100.0.0/16"]
+    remote_gateway: "203.0.113.200"
+    remote_networks: ["10.200.0.0/16"]
+    psk: "SamplePSK123"
+    description: "Sample VPN tunnel"
+
+# SNMP
+sophos_snmp:
+  enabled: true
+  version: "v2c"
+  community: "sample"
+  location: "Sample Location"
+  contact: "admin@example.com"
+
+# Logging
+sophos_logging:
+  enabled: true
+  syslog_servers:
+    - host: "10.100.0.50"
+      port: 514
+      protocol: "udp"
+
+# NTP
+sophos_ntp:
+  servers:
+    - "0.pool.ntp.org"
+  timezone: "UTC"