ansibleguy / collection_opnsense

Ansible Collection to manage OPNSense firewalls using their API
https://opnsense.ansibleguy.net
GNU General Public License v3.0
267 stars 36 forks source link
ansible ansible-collection ansible-modules automation firewall firewall-management frr iac infrastructure-as-code nac network network-as-code networking opnsense opnsense-firewall router routing

Ansible Collection - ansibleguy.opnsense

Buy me a coffee

Functional Test Status Lint Test Status Unit Test Status Docs Ansible Galaxy

Functional Test Logs: Short, Full


Requirements

The httpx python module is used for API communications!

python3 -m pip install --upgrade httpx

Then - install the collection itself:

# latest version:
ansible-galaxy collection install git+https://github.com/ansibleguy/collection_opnsense.git

# stable/tested version:
ansible-galaxy collection install git+https://github.com/ansibleguy/collection_opnsense.git,1.2.11
## OR
ansible-galaxy collection install ansibleguy.opnsense

Usage

See: Docs

If you DO NOT want to use Ansible - this fork provides you with a raw Python3 interface.


Advertisement


Contribute

Feel free to contribute to this project using pull-requests, issues and discussions!

See also: Contributing


Version Support

The ansibleguy.opnsense modules always support the latest version of OPNSense.

If an API changed, the current module-implementation might fail for firewalls running an older firmware.


Modules

Development States:

not implemented => development => testing => unstable (practical testing) => stable

Implemented

Function Module Usage State
Base ansibleguy.opnsense.list Docs stable
Base ansibleguy.opnsense.reload Docs stable
Services ansibleguy.opnsense.service Docs stable
Alias ansibleguy.opnsense.alias Docs stable
Alias ansibleguy.opnsense.alias_multi Docs stable
Alias ansibleguy.opnsense.alias_purge Docs unstable
Rules ansibleguy.opnsense.rule Docs stable
Rules ansibleguy.opnsense.rule_multi Docs stable
Rules ansibleguy.opnsense.rule_purge Docs unstable
Rule Interface Groups ansibleguy.opnsense.rule_interface_group Docs unstable
Savepoints ansibleguy.opnsense.savepoint Docs stable
Packages ansibleguy.opnsense.package Docs stable
System ansibleguy.opnsense.system Docs stable
Cron-Jobs ansibleguy.opnsense.cron Docs stable
Routes ansibleguy.opnsense.route Docs stable
Gateways ansibleguy.opnsense.gateway Docs unstable
DNS ansibleguy.opnsense.unbound_general Docs stable
DNS ansibleguy.opnsense.unbound_acl Docs stable
DNS ansibleguy.opnsense.unbound_forward Docs stable
DNS ansibleguy.opnsense.unbound_dot Docs stable
DNS ansibleguy.opnsense.unbound_host Docs stable
DNS ansibleguy.opnsense.unbound_domain Docs stable
DNS ansibleguy.opnsense.unbound_host_alias Docs stable
DNS ansibleguy.opnsense.unbound_dnsbl Docs unstable Syslog ansibleguy.opnsense.syslog Docs stable
IPSec ansibleguy.opnsense.ipsec_connection, ansibleguy.opnsense.ipsec_tunnel Docs stable
IPSec ansibleguy.opnsense.ipsec_pool, ansibleguy.opnsense.ipsec_network Docs stable
IPSec ansibleguy.opnsense.ipsec_auth_local Docs stable
IPSec ansibleguy.opnsense.ipsec_auth_remote Docs stable
IPSec ansibleguy.opnsense.ipsec_child Docs stable
IPSec ansibleguy.opnsense.ipsec_vti Docs stable
IPSec ansibleguy.opnsense.ipsec_cert Docs stable
IPSec ansibleguy.opnsense.ipsec_psk Docs stable
Traffic Shaper ansibleguy.opnsense.shaper_pipe Docs stable
Traffic Shaper ansibleguy.opnsense.shaper_queue Docs stable
Traffic Shaper ansibleguy.opnsense.shaper_rule Docs stable
Monit ansibleguy.opnsense.monit_service Docs stable
Monit ansibleguy.opnsense.monit_alert Docs stable
Monit ansibleguy.opnsense.monit_test Docs stable
WireGuard ansibleguy.opnsense.wireguard_server Docs stable
WireGuard ansibleguy.opnsense.wireguard_peer Docs stable
WireGuard ansibleguy.opnsense.wireguard_show Docs stable
WireGuard ansibleguy.opnsense.wireguard_general Docs stable
Interfaces ansibleguy.opnsense.interface_vlan Docs stable
Interfaces ansibleguy.opnsense.interface_vxlan Docs stable
Interfaces ansibleguy.opnsense.interface_vip Docs stable
Interfaces ansibleguy.opnsense.interface_lagg Docs unstable
Interfaces ansibleguy.opnsense.interface_loopback Docs unstable
NAT ansibleguy.opnsense.source_nat, ansibleguy.opnsense.snat Docs stable
Dynamic Routing ansibleguy.opnsense.frr_diagnostic Docs stable
Dynamic Routing ansibleguy.opnsense.frr_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bfd_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bfd_neighbor Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_neighbor Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_prefix_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_route_map Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_community_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_bgp_as_path Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_prefix_list Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_interface Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf_network Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf3_general Docs stable
Dynamic Routing ansibleguy.opnsense.frr_ospf3_interface Docs stable
Dynamic Routing ansibleguy.opnsense.frr_rip Docs stable
DNS ansibleguy.opnsense.bind_general Docs stable
DNS ansibleguy.opnsense.bind_blocklist Docs stable
DNS ansibleguy.opnsense.bind_acl Docs stable
DNS ansibleguy.opnsense.bind_domain Docs stable
DNS ansibleguy.opnsense.bind_record Docs stable
DNS ansibleguy.opnsense.bind_record_multi Docs stable
Web Proxy ansibleguy.opnsense.webproxy_general Docs stable
Web Proxy ansibleguy.opnsense.webproxy_cache Docs stable
Web Proxy ansibleguy.opnsense.webproxy_parent Docs stable
Web Proxy ansibleguy.opnsense.webproxy_traffic Docs stable
Web Proxy ansibleguy.opnsense.webproxy_forward Docs stable
Web Proxy ansibleguy.opnsense.webproxy_acl Docs stable
Web Proxy ansibleguy.opnsense.webproxy_icap Docs stable
Web Proxy ansibleguy.opnsense.webproxy_auth Docs stable
Web Proxy ansibleguy.opnsense.webproxy_remote_acl Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_proxy Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_match Docs stable
Web Proxy ansibleguy.opnsense.webproxy_pac_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_action Docs stable
IDS/IPS ansibleguy.opnsense.ids_general Docs stable
IDS/IPS ansibleguy.opnsense.ids_ruleset Docs stable
IDS/IPS ansibleguy.opnsense.ids_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_user_rule Docs stable
IDS/IPS ansibleguy.opnsense.ids_policy Docs stable
IDS/IPS ansibleguy.opnsense.ids_policy_rule Docs stable
OpenVPN ansibleguy.opnsense.openvpn_client Docs stable
OpenVPN ansibleguy.opnsense.openvpn_server Docs stable
OpenVPN ansibleguy.opnsense.openvpn_static_key Docs stable
OpenVPN ansibleguy.opnsense.openvpn_status Docs stable
OpenVPN ansibleguy.opnsense.openvpn_client_override Docs stable
Nginx ansibleguy.opnsense.nginx_general Docs unstable
Nginx ansibleguy.opnsense.nginx_upstream_server Docs unstable
DHCP Relay ansibleguy.opnsense.dhcrelay Docs unstable
DHCP Relay ansibleguy.opnsense.dhcrelay_destination Docs unstable
DHCP Reservation ansibleguy.opnsense.dhcp_reservation Docs unstable

Roadmap

See: Feature Requests