Merge branch 'latest' into unbound_dnsbl

ansibleguy · Oct 25, 2024 · 547b6f9 · 547b6f9
2 parents e0d2173 + f0c1d6d
commit 547b6f9
Show file tree

Hide file tree

Showing 13 changed files with 280 additions and 25 deletions.
diff --git a/README.md b/README.md
@@ -38,15 +38,27 @@ ansible-galaxy collection install ansibleguy.opnsense
 
 See: [Docs](https://opnsense.ansibleguy.net)
 
-You want a simple Ansible GUI? Check-out my [Ansible WebUI](https://github.com/ansibleguy/webui)
-
 ----
 
-## Sponsor
+## Advertisement
+
+* Need **professional support** using Ansible or OPNSense? Contact us:
+
+  E-Mail: [[email protected]](mailto:[email protected])
+
+  Tel: [+43 720 302 5732](tel:+437203025732)
+
+  Web: [EN](https://www.o-x-l.com) | [DE](https://www.oxl.at)
+
+  Language: German or English
+
+* You want a simple **Ansible GUI**?
+
+  Check-out this [Ansible WebUI](https://github.com/ansibleguy/webui)
 
-It was a lot of work (100+ hours) to get those modules working.
+* It was a lot of work (100+ hours) to get those modules working.
 
-If you are happy with the functionality they provide: please [consider donating a few bucks](https://ko-fi.com/ansible0guy)
+  If you are happy with the functionality they provide: please [consider donating a few bucks](https://ko-fi.com/ansible0guy)
 
 ----
 

diff --git a/docs/source/modules/interface.rst b/docs/source/modules/interface.rst
@@ -11,13 +11,17 @@ Interface
 
 **TESTS**: `vlan <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_vlan.yml>`_ |
 `vxlan <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_vxlan.yml>`_ |
-`vip <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_vip.yml>`_
+`vip <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_vip.yml>`_ |
+`lagg <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_lagg.yml>`_ |
+`loopback <https://github.com/ansibleguy/collection_opnsense/blob/latest/tests/interface_loopback.yml>`_
 
 **API Docs**: `Core - Interfaces <https://docs.opnsense.org/development/api/core/interfaces.html>`_
 
 **Service Docs**: `VLAN Docs <https://docs.opnsense.org/manual/other-interfaces.html?highlight=vlan#vlan>`_ |
 `VxLAN Docs <https://docs.opnsense.org/manual/other-interfaces.html?highlight=vlan#vxlan>`_ |
-`VIP Docs <https://docs.opnsense.org/manual/firewall_vip.html>`_
+`VIP Docs <https://docs.opnsense.org/manual/firewall_vip.html>`_ |
+`LAGG Docs <https://docs.opnsense.org/manual/other-interfaces.html?highlight=lagg#lagg>`_ |
+`Loopback Docs <https://docs.opnsense.org/manual/other-interfaces.html?highlight=loopback#loopback>`_
 
 
 Info
@@ -38,12 +42,16 @@ ansibleguy.opnsense.interface_vip
 
 This module manages VIP configuration that can be found in the WEB-UI menu: 'Interfaces - Virtual IPs - Settings'
 
-
 ansibleguy.opnsense.interface_lagg
 ===================================
 
 This module manages LAGG configuration that can be found in the WEB-UI menu: 'Interfaces - Other Types - LAGG'
 
+ansibleguy.opnsense.interface_loopback
+===================================
+
+This module manages Loopback configuration that can be found in the WEB-UI menu: 'Interfaces - Other Types - Loopback'
+
 
 Definition
 **********
@@ -102,7 +110,7 @@ ansibleguy.opnsense.interface_vip
 
 
 ansibleguy.opnsense.interface_lagg
-=================================
+==================================
 
 .. warning::
 
@@ -125,6 +133,16 @@ ansibleguy.opnsense.interface_lagg
     "description","string","true","\-","desc, name","The description used to match the configured entries to the existing ones"
     "reload","boolean","false","true","\-", .. include:: ../_include/param_reload.rst
 
+ansibleguy.opnsense.interface_loopback
+======================================
+
+..  csv-table:: Definition
+    :header: "Parameter", "Type", "Required", "Default", "Aliases", "Comment"
+    :widths: 15 10 10 10 10 45
+
+    "description","string","true","\-","desc, name","The unique description used to match the configured entries to the existing ones"
+    "reload","boolean","false","true","\-", .. include:: ../_include/param_reload.rst
+
 
 Examples
 ********
@@ -280,7 +298,7 @@ ansibleguy.opnsense.interface_vip
             state: 'absent'
 
 ansibleguy.opnsense.interface_lagg
-=================================
+==================================
 
 .. code-block:: yaml
 
@@ -327,7 +345,48 @@ ansibleguy.opnsense.interface_lagg
             var: existing_entries.data
     
         - name: Removing LAGG
-          ansibleguy.opnsense.interface_vip:
+          ansibleguy.opnsense.interface_lagg:
             device: lagg0
             match_fields: ['device']
             state: 'absent'
+
+ansibleguy.opnsense.interface_loopback
+======================================
+
+.. code-block:: yaml
+
+    - hosts: localhost
+      gather_facts: no
+      module_defaults:
+        group/ansibleguy.opnsense.all:
+          firewall: 'opnsense.template.ansibleguy.net'
+          api_credential_file: '/home/guy/.secret/opn.key'
+    
+        ansibleguy.opnsense.list:
+          target: 'interface_loopback'
+    
+      tasks:
+        - name: Example
+          ansibleguy.opnsense.interface_loopback:
+            description: 'MyLoopback'
+            # debug: false
+            # state: 'present'
+            # reload: true
+    
+        - name: Adding Loopback
+          ansibleguy.opnsense.interface_loopback:
+            description: 'MyLoopback'
+    
+        - name: Listing
+          ansibleguy.opnsense.list:
+          #  target: 'interface_loopback'
+          register: existing_entries
+    
+        - name: Printing Loopbacks
+          ansible.builtin.debug:
+            var: existing_entries.data
+    
+        - name: Removing Loopback
+          ansibleguy.opnsense.interface_loopback:
+            description: 'MyLoopback'
+            state: 'absent'
diff --git a/meta/runtime.yml b/meta/runtime.yml
@@ -48,6 +48,7 @@ action_groups:
     - ansibleguy.opnsense.interface_vxlan
     - ansibleguy.opnsense.interface_vip
     - ansibleguy.opnsense.interface_lagg
+    - ansibleguy.opnsense.interface_loopback
   frr:
     - ansibleguy.opnsense.frr_diagnostic
     - ansibleguy.opnsense.frr_general

diff --git a/plugins/module_utils/helper/main.py b/plugins/module_utils/helper/main.py
@@ -506,6 +506,6 @@ def unset_check_error(params: dict, field: str, fail: bool) -> bool:
     return True
 
 def sanitize_module_args(args: dict) -> dict:
-    args.pop('api_key')
-    args.pop('api_secret')
+    args.pop('api_key', None)
+    args.pop('api_secret', None)
     return args
diff --git a/plugins/module_utils/helper/rule.py b/plugins/module_utils/helper/rule.py
@@ -2,6 +2,8 @@
 
 from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.main import \
     get_matching
+from ansible_collections.ansibleguy.opnsense.plugins.module_utils.defaults.rule import \
+     RULE_DEFAULTS
 
 
 def validate_values(error_func, module: AnsibleModule, cnf: dict) -> None:
@@ -45,6 +47,11 @@ def check_purge_configured(module: AnsibleModule, existing_rule: dict) -> bool:
         if rule_config is None:
             rule_config = {}
 
+        rule_config = {
+            **RULE_DEFAULTS,
+            **rule_config,
+        }
+
         rule_config[module.params['key_field']] = rule_key
         configured_rules.append(rule_config)
 

diff --git a/plugins/module_utils/main/interface_loopback.py b/plugins/module_utils/main/interface_loopback.py
@@ -0,0 +1,30 @@
+from ansible.module_utils.basic import AnsibleModule
+
+from ansible_collections.ansibleguy.opnsense.plugins.module_utils.base.api import \
+    Session
+from ansible_collections.ansibleguy.opnsense.plugins.module_utils.base.cls import BaseModule
+
+
+class Loopback(BaseModule):
+    FIELD_ID = 'description'
+    CMDS = {
+        'add': 'addItem',
+        'del': 'delItem',
+        'set': 'setItem',
+        'search': 'get',
+    }
+    API_KEY_PATH = 'loopback.loopback'
+    API_MOD = 'interfaces'
+    API_CONT = 'loopback_settings'
+    API_CMD_REL = 'reconfigure'
+    FIELDS_CHANGE = []
+    FIELDS_ALL = [FIELD_ID]
+    FIELDS_TYPING = {}
+    EXIST_ATTR = 'interface'
+
+    def __init__(self, module: AnsibleModule, result: dict, session: Session = None):
+        BaseModule.__init__(self=self, m=module, r=result, s=session)
+        self.interface = {}
+
+    def check(self) -> None:
+        self._base_check()
diff --git a/plugins/module_utils/main/rule.py b/plugins/module_utils/main/rule.py
@@ -25,7 +25,7 @@ class Rule(BaseModule):
         'sequence', 'action', 'quick', 'interface', 'direction',
         'ip_protocol', 'protocol', 'source_invert', 'source_net', 'source_port',
         'destination_invert', 'destination_net', 'destination_port', 'log',
-        'description',
+        'description', 'gateway',
     ]
     FIELDS_ALL = ['enabled']
     FIELDS_ALL.extend(FIELDS_CHANGE)

diff --git a/plugins/modules/interface_loopback.py b/plugins/modules/interface_loopback.py
@@ -0,0 +1,58 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+
+# Copyright: (C) 2024, AnsibleGuy <[email protected]>
+# GNU General Public License v3.0+ (see https://www.gnu.org/licenses/gpl-3.0.txt)
+
+# template to be copied to implement new modules
+
+from ansible.module_utils.basic import AnsibleModule
+
+from ansible_collections.ansibleguy.opnsense.plugins.module_utils.base.handler import \
+    module_dependency_error, MODULE_EXCEPTIONS
+
+try:
+    from ansible_collections.ansibleguy.opnsense.plugins.module_utils.helper.wrapper import module_wrapper
+    from ansible_collections.ansibleguy.opnsense.plugins.module_utils.defaults.main import \
+        OPN_MOD_ARGS, STATE_MOD_ARG, RELOAD_MOD_ARG
+    from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.interface_loopback import Loopback
+
+except MODULE_EXCEPTIONS:
+    module_dependency_error()
+
+
+# DOCUMENTATION = 'https://opnsense.ansibleguy.net/en/latest/modules/interface_loopback.html'
+# EXAMPLES = 'https://opnsense.ansibleguy.net/en/latest/modules/interface_loopback.html'
+
+
+def run_module():
+    module_args = dict(
+        description=dict(type='str', required=True, aliases=['desc']),
+        **RELOAD_MOD_ARG,
+        **STATE_MOD_ARG,
+        **OPN_MOD_ARGS,
+    )
+
+    result = dict(
+        changed=False,
+        diff={
+            'before': {},
+            'after': {},
+        }
+    )
+
+    module = AnsibleModule(
+        argument_spec=module_args,
+        supports_check_mode=True,
+    )
+
+    module_wrapper(Loopback(module=module, result=result))
+    module.exit_json(**result)
+
+
+def main():
+    run_module()
+
+
+if __name__ == '__main__':
+    main()
diff --git a/plugins/modules/list.py b/plugins/modules/list.py
@@ -36,7 +36,7 @@
     'ipsec_child', 'ipsec_vti', 'ipsec_auth_local', 'ipsec_auth_remote', 'frr_general', 'unbound_general',
     'unbound_acl', 'ids_general', 'ids_policy', 'ids_rule', 'ids_ruleset', 'ids_user_rule', 'ids_policy_rule',
     'openvpn_instance', 'openvpn_static_key', 'openvpn_client_override', 'dhcrelay_destination', 'dhcrelay_relay',
-    'interface_lagg', 'unbound_dnsbl',
+    'interface_lagg', 'interface_loopback', 'unbound_dnsbl',
 ]
 
 
@@ -183,6 +183,10 @@ def run_module():
             from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.interface_lagg import \
                 Lagg as Target_Obj
 
+        elif target == 'interface_loopback':
+            from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.interface_loopback import \
+                Loopback as Target_Obj
+
         elif target == 'source_nat':
             from ansible_collections.ansibleguy.opnsense.plugins.module_utils.main.source_nat import \
                 SNat as Target_Obj

diff --git a/scripts/test.sh b/scripts/test.sh
@@ -87,6 +87,7 @@ run_test 'interface_vlan' 1
 run_test 'interface_vxlan' 1
 run_test 'interface_vip' 1
 run_test 'interface_lagg' 1
+run_test 'interface_loopback' 1
 run_test 'source_nat' 1
 run_test 'frr_diagnostic' 1
 run_test 'frr_general' 1

diff --git a/tests/cleanup.yml b/tests/cleanup.yml
@@ -249,11 +249,8 @@
 
     - name: Cleanup lagg interfaces
       ansibleguy.opnsense.interface_lagg:
-        members:
-          - "{{ if_lag }}"
+        device: 'lagg0'
         state: 'absent'
-      vars:
-        if_lag: "{{ lookup('ansible.builtin.env', 'TEST_FIREWALL_LAGG_IF') | default('vtnet2', true) }}"
 
     - name: Cleanup source-nat
       ansibleguy.opnsense.source_nat:

diff --git a/tests/interface_lagg.yml b/tests/interface_lagg.yml
@@ -72,17 +72,13 @@
       register: opn3
       failed_when: >
         'data' not in opn3 or
-        opn3.data | length != 4
+        opn3.data | length != 1
       when: not ansible_check_mode
 
-    - name: Removing 2
+    - name: Cleanup
       ansibleguy.opnsense.interface_lagg:
         device: 'lagg0'
         state: 'absent'
-      register: opn4
-      failed_when: >
-        opn4.failed or
-        not opn4.changed
       when: not ansible_check_mode
 
     - name: Listing