{ "schemaVersion": "1.0", "item": { "slug": "aruba-iap", "name": "Aruba Iap Publish", "source": "tencent", "type": "skill", "category": "开发工具", "sourceUrl": "https://clawhub.ai/scsun1978/aruba-iap", "canonicalUrl": "https://clawhub.ai/scsun1978/aruba-iap", "targetPlatform": "OpenClaw" }, "install": { "downloadMode": "redirect", "downloadUrl": "/downloads/aruba-iap", "sourceDownloadUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=aruba-iap", "sourcePlatform": "tencent", "targetPlatform": "OpenClaw", "installMethod": "Manual import", "extraction": "Extract archive", "prerequisites": [ "OpenClaw" ], "packageFormat": "ZIP package", "includedAssets": [ "README.md", "SKILL.md", "_meta.json", "add-aruba-ssid.json", "assets/config_template.txt", "backups/20260223_232629/result.json" ], "primaryDoc": "SKILL.md", "quickSetup": [ "Download the package from Yavira.", "Extract the archive and review SKILL.md first.", "Import or place the package into your OpenClaw setup." ], "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "sourceHealth": { "source": "tencent", "status": "healthy", "reason": "direct_download_ok", "recommendedAction": "download", "checkedAt": "2026-04-23T16:43:11.935Z", "expiresAt": "2026-04-30T16:43:11.935Z", "httpStatus": 200, "finalUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentType": "application/zip", "probeMethod": "head", "details": { "probeUrl": "https://wry-manatee-359.convex.site/api/v1/download?slug=4claw-imageboard", "contentDisposition": "attachment; filename=\"4claw-imageboard-1.0.1.zip\"", "redirectLocation": null, "bodySnippet": null }, "scope": "source", "summary": "Source download looks usable.", "detail": "Yavira can redirect you to the upstream package for this source.", "primaryActionLabel": "Download for OpenClaw", "primaryActionHref": "/downloads/aruba-iap" }, "validation": { "installChecklist": [ "Use the Yavira download entry.", "Review SKILL.md after the package is downloaded.", "Confirm the extracted package contains the expected setup assets." ], "postInstallChecks": [ "Confirm the extracted package includes the expected docs or setup files.", "Validate the skill or prompts are available in your target agent workspace.", "Capture any manual follow-up steps the agent could not complete." ] }, "downloadPageUrl": "https://openagent3.xyz/downloads/aruba-iap", "agentPageUrl": "https://openagent3.xyz/skills/aruba-iap/agent", "manifestUrl": "https://openagent3.xyz/skills/aruba-iap/agent.json", "briefUrl": "https://openagent3.xyz/skills/aruba-iap/agent.md" }, "agentAssist": { "summary": "Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.", "steps": [ "Download the package from Yavira.", "Extract it into a folder your agent can access.", "Paste one of the prompts below and point your agent at the extracted folder." ], "prompts": [ { "label": "New install", "body": "I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Then review README.md for any prerequisites, environment setup, or post-install checks. Tell me what you changed and call out any manual steps you could not complete." }, { "label": "Upgrade existing", "body": "I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Then review README.md for any prerequisites, environment setup, or post-install checks. Summarize what changed and any follow-up checks I should run." } ] }, "documentation": { "source": "clawhub", "primaryDoc": "SKILL.md", "sections": [ { "title": "Aruba IAP Configuration Manager", "body": "Comprehensive Aruba Instant AP (IAP) configuration management with automatic baseline capture, rollback support, and health monitoring." }, { "title": "✨ Core Capabilities", "body": "Device Mode Detection: Automatically detects Virtual Controller, Single-Node Cluster, or Standalone AP mode\nConfiguration Snapshots: Full configuration capture with structured JSON output\nSafe Configuration Changes: Apply changes with automatic baseline capture and rollback support\nComprehensive Monitoring: 40+ monitoring commands across 10 categories\nRisk Assessment: Automatic risk evaluation for configuration changes\nSecret Management: Secure secret references (no plain-text passwords)\nChange History: Full audit trail with timestamped artifacts\nInteractive Configuration Mode: Support for Aruba IAP CLI commit model" }, { "title": "📊 Configuration Change Types", "body": "TypeRiskDescriptionssid_profileMediumCreate complete SSID profile with WPA2-PSK-AESssid_deleteHighRemove existing SSID profilesnmp_communityLowSNMP community configurationsnmp_hostLow-MediumSNMP host/trap destinationsyslog_levelLowSyslog logging levelsauth_serverMediumRADIUS/CPPM authentication serverap_allowlistMediumAdd/remove APs from allowlistwired_port_profileMediumWired port configurationntpLowNTP server configurationdnsLowDNS server configurationrf_templateLowRF template application" }, { "title": "1. Installation", "body": "# Clone or download the skill\ncd ~/.openclaw/workspace/skills/aruba-iap-publish\n\n# Run install script\n./install.sh\n\n# Verify installation\niapctl --help" }, { "title": "2. Basic Usage", "body": "# Device Discovery\niapctl discover --cluster office-iap --vc 192.168.20.56 --out ./out\n\n# Configuration Snapshot\niapctl snapshot --cluster office-iap --vc 192.168.20.56 --out ./out\n\n# Verify Configuration\niapctl verify --cluster office-iap --vc 192.168.20.56 --level basic --out ./out" }, { "title": "3. Add SSID", "body": "# Create SSID configuration JSON\ncat > add-ssid.json << 'EOF'\n{\n \"changes\": [\n {\n \"type\": \"ssid_profile\",\n \"profile_name\": \"MyWiFi\",\n \"essid\": \"MyNetwork\",\n \"opmode\": \"wpa2-psk-aes\",\n \"wpa_passphrase\": \"MySecurePassword123\",\n \"vlan\": 1,\n \"rf_band\": \"all\"\n }\n ]\n}\nEOF\n\n# Generate diff\niapctl diff --cluster office-iap --vc 192.168.20.56 \\\n --in add-ssid.json --out ./diff\n\n# Apply changes\niapctl apply --cluster office-iap --vc 192.168.20.56 \\\n --change-id $(cat diff/commands.json | jq -r '.change_id') \\\n --in diff/commands.json --out ./apply" }, { "title": "4. Delete SSID", "body": "# Create delete SSID configuration JSON\ncat > delete-ssid.json << 'EOF'\n{\n \"changes\": [\n {\n \"type\": \"ssid_delete\",\n \"profile_name\": \"OldSSID\"\n }\n ]\n}\nEOF\n\n# Generate diff\niapctl diff --cluster office-iap --vc 192.168.20.56 \\\n --in delete-ssid.json --out ./diff\n\n# Apply changes\niapctl apply --cluster office-iap --vc 192.168.20.56 \\\n --change-id $(cat diff/commands.json | jq -r '.change_id') \\\n --in diff/commands.json --out ./apply" }, { "title": "5. Monitor Device", "body": "# Monitor all categories\niapctl monitor --cluster office-iap --vc 192.168.20.56 --out ./monitor\n\n# Monitor specific categories\niapctl monitor --cluster office-iap --vc 192.168.20.56 \\\n -c \"system ap clients wlan\" --out ./monitor" }, { "title": "Supported Device Modes", "body": "Virtual Controller Mode\n\nManages multiple IAPs\nFull CLI command set available\n\n\n\nSingle-Node Cluster Mode ✨ NEW\n\nSingle IAP with VC configuration\nSupports interactive config mode\nconfigure terminal → config commands → commit apply\n\n\n\nStandalone AP Mode\n\nIndividual AP without cluster\nBasic configuration available" }, { "title": "Interactive Configuration Mode", "body": "For Aruba IAP devices, configuration uses the CLI commit model:\n\nEnter configuration mode: configure terminal\nEnter sub-mode (e.g., wlan ssid-profile )\nConfigure parameters (flat commands, no indentation)\nExit sub-mode: exit\nExit configuration mode: exit\nSave configuration: write memory\nApply configuration: commit apply" }, { "title": "Risk Assessment", "body": "iapctl automatically assesses risks for each change set:" }, { "title": "Risk Levels", "body": "low: Minimal impact, safe to apply\nmedium: May affect connectivity, review recommended\nhigh: Major changes, requires careful planning" }, { "title": "Common Warnings", "body": "Removing WLAN or RADIUS configuration may disconnect users\nWPA passphrase changes will require clients to re-authenticate\nAP allowlist changes may prevent APs from joining the cluster\nVLAN changes may affect network connectivity\nLarge number of changes - consider applying in stages" }, { "title": "1. Use Secret References", "body": "Always use secret_ref for passwords and keys:\n\n{\n \"type\": \"auth_server\",\n \"server_name\": \"radius-primary\",\n \"ip\": \"10.10.10.10\",\n \"secret_ref\": \"secret:radius-primary-key\"\n}\n\nNever commit plain-text secrets to version control." }, { "title": "2. Review Risk Assessment", "body": "Always review risk.json before applying changes:\n\ncat diff/risk.json" }, { "title": "3. Use Dry Run First", "body": "Test with --dry-run to verify commands without applying:\n\niapctl apply --dry-run ..." }, { "title": "4. Verify After Changes", "body": "Always run verify after applying changes:\n\niapctl verify --level full ..." }, { "title": "5. Apply Changes in Stages", "body": "For large change sets, break them into smaller batches:\n\nStage 1: SNMP and syslog configuration\nStage 2: Authentication servers\nStage 3: SSID profiles\nStage 4: AP allowlist and wired ports" }, { "title": "Testing", "body": "Comprehensive testing performed on real hardware:\n\n✅ Device discovery and mode detection\n✅ Configuration snapshot with multiple artifacts\n✅ Configuration diff generation\n✅ SSID profile addition\n✅ SSID profile deletion\n✅ Configuration apply with interactive mode\n✅ Configuration verification\n✅ Health monitoring\n✅ Risk assessment\n✅ AP allowlist management\n\nTest Results: 10/11 tests passed (91%)" }, { "title": "Rollback Functionality", "body": "Status: Partially working\nIssue: Rollback command execution has limitations\nImpact: Low - can be done manually if needed\nWorkaround: Use no for manual rollback" }, { "title": "Post-Apply Verification", "body": "Status: Sometimes times out\nIssue: show running-config after commit apply can timeout\nImpact: Minimal - configuration is applied successfully\nWorkaround: Wait a few seconds and retry" }, { "title": "v1.1.1 (2026-02-23)", "body": "✅ Add ssid_delete change type\n✅ Add send_config_and_apply() method\n✅ Add send_config_commands() method\n✅ Update diff_engine.py for flat command generation\n✅ Fix Result action pattern for 'monitor'\n✅ Support Aruba IAP single-node cluster mode\n✅ Comprehensive testing on real hardware" }, { "title": "v1.1.0 (2026-02-23)", "body": "✅ Initial release with core functionality\n✅ Device discovery and mode detection\n✅ Configuration snapshots\n✅ SSID profile management\n✅ Configuration diff and apply\n✅ Risk assessment\n✅ Health monitoring" }, { "title": "Requirements", "body": "Python 3.8+\nscrapli[paramiko] for SSH connections\nAruba Instant AP 6.x, 8.x, or AOS 10.x" }, { "title": "License", "body": "MIT License - See LICENSE file for details" }, { "title": "Support", "body": "For issues, questions, or contributions:\n\nClawHub: https://clawhub.com/skills/aruba-iap\nDocumentation: See docs/ folder\nExamples: See examples/ folder" } ], "body": "Aruba IAP Configuration Manager\n\nComprehensive Aruba Instant AP (IAP) configuration management with automatic baseline capture, rollback support, and health monitoring.\n\nFeatures\n✨ Core Capabilities\nDevice Mode Detection: Automatically detects Virtual Controller, Single-Node Cluster, or Standalone AP mode\nConfiguration Snapshots: Full configuration capture with structured JSON output\nSafe Configuration Changes: Apply changes with automatic baseline capture and rollback support\nComprehensive Monitoring: 40+ monitoring commands across 10 categories\nRisk Assessment: Automatic risk evaluation for configuration changes\nSecret Management: Secure secret references (no plain-text passwords)\nChange History: Full audit trail with timestamped artifacts\nInteractive Configuration Mode: Support for Aruba IAP CLI commit model\n📊 Configuration Change Types\nType\tRisk\tDescription\nssid_profile\tMedium\tCreate complete SSID profile with WPA2-PSK-AES\nssid_delete\tHigh\tRemove existing SSID profile\nsnmp_community\tLow\tSNMP community configuration\nsnmp_host\tLow-Medium\tSNMP host/trap destination\nsyslog_level\tLow\tSyslog logging levels\nauth_server\tMedium\tRADIUS/CPPM authentication server\nap_allowlist\tMedium\tAdd/remove APs from allowlist\nwired_port_profile\tMedium\tWired port configuration\nntp\tLow\tNTP server configuration\ndns\tLow\tDNS server configuration\nrf_template\tLow\tRF template application\nQuick Start\n1. Installation\n# Clone or download the skill\ncd ~/.openclaw/workspace/skills/aruba-iap-publish\n\n# Run install script\n./install.sh\n\n# Verify installation\niapctl --help\n\n2. Basic Usage\n# Device Discovery\niapctl discover --cluster office-iap --vc 192.168.20.56 --out ./out\n\n# Configuration Snapshot\niapctl snapshot --cluster office-iap --vc 192.168.20.56 --out ./out\n\n# Verify Configuration\niapctl verify --cluster office-iap --vc 192.168.20.56 --level basic --out ./out\n\n3. Add SSID\n# Create SSID configuration JSON\ncat > add-ssid.json << 'EOF'\n{\n \"changes\": [\n {\n \"type\": \"ssid_profile\",\n \"profile_name\": \"MyWiFi\",\n \"essid\": \"MyNetwork\",\n \"opmode\": \"wpa2-psk-aes\",\n \"wpa_passphrase\": \"MySecurePassword123\",\n \"vlan\": 1,\n \"rf_band\": \"all\"\n }\n ]\n}\nEOF\n\n# Generate diff\niapctl diff --cluster office-iap --vc 192.168.20.56 \\\n --in add-ssid.json --out ./diff\n\n# Apply changes\niapctl apply --cluster office-iap --vc 192.168.20.56 \\\n --change-id $(cat diff/commands.json | jq -r '.change_id') \\\n --in diff/commands.json --out ./apply\n\n4. Delete SSID\n# Create delete SSID configuration JSON\ncat > delete-ssid.json << 'EOF'\n{\n \"changes\": [\n {\n \"type\": \"ssid_delete\",\n \"profile_name\": \"OldSSID\"\n }\n ]\n}\nEOF\n\n# Generate diff\niapctl diff --cluster office-iap --vc 192.168.20.56 \\\n --in delete-ssid.json --out ./diff\n\n# Apply changes\niapctl apply --cluster office-iap --vc 192.168.20.56 \\\n --change-id $(cat diff/commands.json | jq -r '.change_id') \\\n --in diff/commands.json --out ./apply\n\n5. Monitor Device\n# Monitor all categories\niapctl monitor --cluster office-iap --vc 192.168.20.56 --out ./monitor\n\n# Monitor specific categories\niapctl monitor --cluster office-iap --vc 192.168.20.56 \\\n -c \"system ap clients wlan\" --out ./monitor\n\nConfiguration Modes\nSupported Device Modes\n\nVirtual Controller Mode\n\nManages multiple IAPs\nFull CLI command set available\n\nSingle-Node Cluster Mode ✨ NEW\n\nSingle IAP with VC configuration\nSupports interactive config mode\nconfigure terminal → config commands → commit apply\n\nStandalone AP Mode\n\nIndividual AP without cluster\nBasic configuration available\nInteractive Configuration Mode\n\nFor Aruba IAP devices, configuration uses the CLI commit model:\n\nEnter configuration mode: configure terminal\nEnter sub-mode (e.g., wlan ssid-profile )\nConfigure parameters (flat commands, no indentation)\nExit sub-mode: exit\nExit configuration mode: exit\nSave configuration: write memory\nApply configuration: commit apply\nRisk Assessment\n\niapctl automatically assesses risks for each change set:\n\nRisk Levels\nlow: Minimal impact, safe to apply\nmedium: May affect connectivity, review recommended\nhigh: Major changes, requires careful planning\nCommon Warnings\nRemoving WLAN or RADIUS configuration may disconnect users\nWPA passphrase changes will require clients to re-authenticate\nAP allowlist changes may prevent APs from joining the cluster\nVLAN changes may affect network connectivity\nLarge number of changes - consider applying in stages\nBest Practices\n1. Use Secret References\n\nAlways use secret_ref for passwords and keys:\n\n{\n \"type\": \"auth_server\",\n \"server_name\": \"radius-primary\",\n \"ip\": \"10.10.10.10\",\n \"secret_ref\": \"secret:radius-primary-key\"\n}\n\n\nNever commit plain-text secrets to version control.\n\n2. Review Risk Assessment\n\nAlways review risk.json before applying changes:\n\ncat diff/risk.json\n\n3. Use Dry Run First\n\nTest with --dry-run to verify commands without applying:\n\niapctl apply --dry-run ...\n\n4. Verify After Changes\n\nAlways run verify after applying changes:\n\niapctl verify --level full ...\n\n5. Apply Changes in Stages\n\nFor large change sets, break them into smaller batches:\n\nStage 1: SNMP and syslog configuration\nStage 2: Authentication servers\nStage 3: SSID profiles\nStage 4: AP allowlist and wired ports\nTesting\n\nComprehensive testing performed on real hardware:\n\n✅ Device discovery and mode detection\n✅ Configuration snapshot with multiple artifacts\n✅ Configuration diff generation\n✅ SSID profile addition\n✅ SSID profile deletion\n✅ Configuration apply with interactive mode\n✅ Configuration verification\n✅ Health monitoring\n✅ Risk assessment\n✅ AP allowlist management\n\nTest Results: 10/11 tests passed (91%)\n\nKnown Issues & Limitations\nRollback Functionality\nStatus: Partially working\nIssue: Rollback command execution has limitations\nImpact: Low - can be done manually if needed\nWorkaround: Use no for manual rollback\nPost-Apply Verification\nStatus: Sometimes times out\nIssue: show running-config after commit apply can timeout\nImpact: Minimal - configuration is applied successfully\nWorkaround: Wait a few seconds and retry\nChangelog\nv1.1.1 (2026-02-23)\n✅ Add ssid_delete change type\n✅ Add send_config_and_apply() method\n✅ Add send_config_commands() method\n✅ Update diff_engine.py for flat command generation\n✅ Fix Result action pattern for 'monitor'\n✅ Support Aruba IAP single-node cluster mode\n✅ Comprehensive testing on real hardware\nv1.1.0 (2026-02-23)\n✅ Initial release with core functionality\n✅ Device discovery and mode detection\n✅ Configuration snapshots\n✅ SSID profile management\n✅ Configuration diff and apply\n✅ Risk assessment\n✅ Health monitoring\nRequirements\nPython 3.8+\nscrapli[paramiko] for SSH connections\nAruba Instant AP 6.x, 8.x, or AOS 10.x\nLicense\n\nMIT License - See LICENSE file for details\n\nSupport\n\nFor issues, questions, or contributions:\n\nClawHub: https://clawhub.com/skills/aruba-iap\nDocumentation: See docs/ folder\nExamples: See examples/ folder" }, "trust": { "sourceLabel": "tencent", "provenanceUrl": "https://clawhub.ai/scsun1978/aruba-iap", "publisherUrl": "https://clawhub.ai/scsun1978/aruba-iap", "owner": "scsun1978", "version": "1.2.0", "license": null, "verificationStatus": "Indexed source record" }, "links": { "detailUrl": "https://openagent3.xyz/skills/aruba-iap", "downloadUrl": "https://openagent3.xyz/downloads/aruba-iap", "agentUrl": "https://openagent3.xyz/skills/aruba-iap/agent", "manifestUrl": "https://openagent3.xyz/skills/aruba-iap/agent.json", "briefUrl": "https://openagent3.xyz/skills/aruba-iap/agent.md" } }