Ansible role to configure OPNsense firewalls.
This is the RLS detached fork of the original from https://github.com/naturalis/ansible-opnsense.
As of Oct 5, 2023 this became the main repository, as the original was removed (see #35).
We would like to thank @rudibroekhuizen and all other contributors from @naturalis for their great work, and we are happy to use their contributions as a base for further development.
- OPNsense firewall with shell access
We try to provide some example variable definitions in the corresponding task and test (test/*.yml) files.
sudo apt install python3-lxml
sudo apt install secure-delete (optional)
An example of how to use the role in a playbook:
---
- hosts: firewalls
  gather_facts: false
  become: false
  roles:
    - ansible-opnsense
...
Become on play level is not needed for XML changes on localhost, only for tasks to fetch/push config.xml and restart services on OPNsense.
ansible-playbook firewalls.yml -l firewall1 -t user,fetch,copy,reload
https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense-playbook
Other possibly useful Ansible roles related to OPNsense:
- https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense-facts
- https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense-checkmk
- https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense-plugpack
- https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense-update
- https://github.com/zerwes/opnsense-fail2ban
Apache 2.0
- Rudi Broekhuizen - rudi.broekhuizen@naturalis.nl
- Privazio - hello@privaz.io - https://github.com/privazio
- Foppe Pieters - foppe.pieters@naturalis.nl
- Klaus Zerwes - https://github.com/zerwes