/collection_opnsense

Ansible Collection to manage OPNSense firewalls using their API

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Ansible Collection - ansibleguy.opnsense

Buy me a coffee

Functional Test Status Lint Test Status Unit Test Status Docs Ansible Galaxy

Functional Test Logs: Short, Full


Requirements

The httpx python module is used for API communications!

python3 -m pip install --upgrade httpx

Then - install the collection itself:

# latest version:
ansible-galaxy collection install git+https://github.com/ansibleguy/collection_opnsense.git

# stable/tested version:
ansible-galaxy collection install git+https://github.com/ansibleguy/collection_opnsense.git,1.2.8
## OR
ansible-galaxy collection install ansibleguy.opnsense

Usage

See: Docs

You want a simple Ansible GUI? Check-out my Ansible WebUI


Sponsor

It was a lot of work (100+ hours) to get those modules working.

If you are happy with the functionality they provide: please consider donating a few bucks


Contribute

Feel free to contribute to this project using pull-requests, issues and discussions!

See also: Contributing


Version Support

The ansibleguy.opnsense modules always support the latest version of OPNSense.

If an API changed, the current module-implementation might fail for firewalls running an older firmware.

See also: Firmware-Upgrade using ansibleguy.opnsense.system

WARNING:

The next few OPNSense releases might contain API changes that might impact/break the functionality of some modules.


Modules

Development States:

not implemented => development => testing => unstable (practical testing) => stable

Implemented

Function Module Usage State
Base ansibleguy.opnsense.list Docs stable
Base ansibleguy.opnsense.reload Docs stable
Services ansibleguy.opnsense.service Docs stable
Alias ansibleguy.opnsense.alias Docs stable
Alias ansibleguy.opnsense.alias_multi Docs stable
Alias ansibleguy.opnsense.alias_purge Docs unstable
Rules ansibleguy.opnsense.rule Docs unstable
Rules ansibleguy.opnsense.rule_multi Docs unstable
Rules ansibleguy.opnsense.rule_purge Docs unstable
Savepoints ansibleguy.opnsense.savepoint Docs unstable
Packages ansibleguy.opnsense.package Docs stable
System ansibleguy.opnsense.system Docs stable
Cron-Jobs ansibleguy.opnsense.cron Docs stable
Routes ansibleguy.opnsense.route Docs stable
DNS ansibleguy.opnsense.unbound_general Docs stable
DNS ansibleguy.opnsense.unbound_acl Docs unstable
DNS ansibleguy.opnsense.unbound_forward Docs stable
DNS ansibleguy.opnsense.unbound_dot Docs stable
DNS ansibleguy.opnsense.unbound_host Docs stable
DNS ansibleguy.opnsense.unbound_domain Docs stable
DNS ansibleguy.opnsense.unbound_host_alias Docs stable
Syslog ansibleguy.opnsense.syslog Docs stable
IPSec ansibleguy.opnsense.ipsec_connection, ansibleguy.opnsense.ipsec_tunnel Docs stable
IPSec ansibleguy.opnsense.ipsec_pool, ansibleguy.opnsense.ipsec_network Docs stable
IPSec ansibleguy.opnsense.ipsec_auth_local Docs stable
IPSec ansibleguy.opnsense.ipsec_auth_remote Docs stable
IPSec ansibleguy.opnsense.ipsec_child Docs stable
IPSec ansibleguy.opnsense.ipsec_vti Docs stable
IPSec ansibleguy.opnsense.ipsec_cert Docs stable
IPSec ansibleguy.opnsense.ipsec_psk Docs unstable
Traffic Shaper ansibleguy.opnsense.shaper_pipe Docs stable
Traffic Shaper ansibleguy.opnsense.shaper_queue Docs stable
Traffic Shaper ansibleguy.opnsense.shaper_rule Docs stable
Monit ansibleguy.opnsense.monit_service Docs stable
Monit ansibleguy.opnsense.monit_alert Docs stable
Monit ansibleguy.opnsense.monit_test Docs stable
WireGuard ansibleguy.opnsense.wireguard_server Docs stable
WireGuard ansibleguy.opnsense.wireguard_peer Docs stable
WireGuard ansibleguy.opnsense.wireguard_show Docs stable
WireGuard ansibleguy.opnsense.wireguard_general Docs stable
Interfaces ansibleguy.opnsense.interface_vlan Docs stable
Interfaces ansibleguy.opnsense.interface_vxlan Docs stable
Interfaces ansibleguy.opnsense.interface_vip Docs stable
NAT ansibleguy.opnsense.source_nat, ansibleguy.opnsense.snat Docs unstable
Dynamic Routing ansibleguy.opnsense.frr_diagnostic Docs stable
Dynamic Routing ansibleguy.opnsense.frr_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bfd_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bfd_neighbor Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_neighbor Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_prefix_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_route_map Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_community_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_as_path Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_prefix_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_interface Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_network Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf3_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf3_interface Docs stable
Dynamic Routing ansibleguy.opnsense.frr_rip Docs stable
DNS ansibleguy.opnsense.bind_general Docs stable
DNS ansibleguy.opnsense.bind_blocklist Docs stable
DNS ansibleguy.opnsense.bind_acl Docs stable
DNS ansibleguy.opnsense.bind_domain Docs stable
DNS ansibleguy.opnsense.bind_record Docs stable
DNS ansibleguy.opnsense.bind_record_multi Docs stable
Web Proxy ansibleguy.opnsense.webproxy_general Docs stable
Web Proxy ansibleguy.opnsense.webproxy_cache Docs stable
Web Proxy ansibleguy.opnsense.webproxy_parent Docs stable
Web Proxy ansibleguy.opnsense.webproxy_traffic Docs stable
Web Proxy ansibleguy.opnsense.webproxy_forward Docs stable
Web Proxy ansibleguy.opnsense.webproxy_acl Docs stable
Web Proxy ansibleguy.opnsense.webproxy_icap Docs stable
Web Proxy ansibleguy.opnsense.webproxy_auth Docs stable
Web Proxy ansibleguy.opnsense.webproxy_remote_acl Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_proxy Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_match Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_action Docs stable
IDS/IPS ansibleguy.opnsense.ids_general Docs stable
IDS/IPS ansibleguy.opnsense.ids_ruleset Docs stable
IDS/IPS ansibleguy.opnsense.ids_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_user_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_policy Docs stable
IDS/IPS ansibleguy.opnsense.ids_policy_rule Docs stable
OpenVPN ansibleguy.opnsense.openvpn_client Docs unstable
OpenVPN ansibleguy.opnsense.openvpn_server Docs unstable
OpenVPN ansibleguy.opnsense.openvpn_static_key Docs unstable
OpenVPN ansibleguy.opnsense.openvpn_status Docs unstable
OpenVPN ansibleguy.opnsense.openvpn_client_override Docs unstable
OpenVPN ansibleguy.opnsense.openvpn_client_template Docs development
OpenVPN ansibleguy.opnsense.openvpn_client_export Docs development

Roadmap

See: Feature Requests