search

ansibleguy / collection_opnsense

Ansible Collection to manage OPNSense firewalls using their API
https://opnsense.ansibleguy.net
GNU General Public License v3.0
257 stars 34 forks source link

Problem: update of the 'content' field for the alias doesn't work as expected #71

Closed rhaido closed 4 months ago

rhaido commented 5 months ago

Modules

alias

Version

ansibleguy.opnsense 1.2.8

Ansible Version

ansible [core 2.14.3]

OPNSense Version

24.1.3_1

OPNSense-Plugin Version

No response

Issue

Dear Ansible Guy,

It seems, that update of an alias is not really working correctly. I have the following situation:

vars/test.yml:
  - { name: "LIST", type: "urltable", content: ['https://ex.net/test'], ufq: 0.5 }

Playbook:

- hosts: localhost
  gather_facts: yes
  vars_files:
    - vars/test.yml
  module_defaults:
    group/ansibleguy.opnsense.all:
      ...

  tasks:
    - name: Configure Firewall Aliases
      ansibleguy.opnsense.alias:
        name: "{{ item.name }}"
        type: "{{ item.type }}"
        content: "{{ item.content }}"
        updatefreq_days: "{{ item.ufq }}"
        state: "{{ item.state | default('present') }}"
        reload: true
      with_items: "{{ aliases }}"

If I run the playbook with ansible-playbook -D opnsense.yml it gives me OK, but doesn't change the value of LIST alias. Is it the expected behaviour? Creation works as expected though.

Thanks! M.

Config Ansible

no special configuration used

Config OPNSense

No response

Debug Output

PLAY [localhost] ***********************************************************************************************************************

TASK [Gathering Facts] *****************************************************************************************************************
ok: [localhost]

TASK [Configure Firewall Aliases] ******************************************************************************************************
ok: [localhost] => (item={'name': 'LIST', 'type': 'urltable', 'content': ['https://ex.net/test'], 'ufq': 0.5})

PLAY RECAP *****************************************************************************************************************************
localhost                  : ok=2    changed=0    unreachable=0    failed=0    skipped=0    rescued=0    ignored=0

Profiling Output

No response

ansibleguy commented 4 months ago

Greetings @rhaido Sorry for the delay.

To clarify: Are you changing the URLs inside the URLTable alias or would you expect the IPs from the URLs to be updated?

As I understand the alias type (behavior of OPNSense; not the modules) - its content is not refreshed (fetching IPs from URLs) on change. But I may be wrong.

The update handling of the alias module(s) should basically work - as seen in the module tests

ansibleguy commented 4 months ago

Re-open if there's still an issue