Remove useless role. Basic setup for OpnSense

2025-05-22 14:34:15 -04:00
parent 358f6b0067
commit 7e75fa0199
16 changed files with 181 additions and 161 deletions
--- a/playbooks/opnsense.yml
+++ b/playbooks/opnsense.yml
@@ -1,32 +1,55 @@
 ---
- name: Get info on the existing host entries
-  hosts: localhost
+- name: Configure DHCP
+  hosts: opnsense
  gather_facts: false
  module_defaults:
    group/ansibleguy.opnsense.all:
-      firewall: '{{ lookup("env","OPNSENSE_HOST") }}'
-      api_key: '{{ lookup("env","OPNSENSE_API_KEY") }}'
-      api_secret: '{{ lookup("env","OPNSENSE_API_SECRET") }}'
-      api_port: 8443
-
-    ansibleguy.opnsense.unbound_host:
-      match_fields: ['description']
-
-    ansibleguy.opnsense.list:
-      target: 'unbound_host'
+      firewall: "{{ opnsense_host }}"
+      api_key: "{{ opnsense_api_key }}"
+      api_secret: "{{ opnsense_api_secret }}"
+      ssl_verify: false
+      api_port: "{{ opnsense_api_port|default(omit) }}"

  tasks:
-    - name: Listing hosts # noqa args[module]
-      ansibleguy.opnsense.list:
-        target: 'unbound_host'
-      register: existing_entries
+    # TODO: Clean up subnet / reservation structure
+    - name: Configure KEA DHCP Server
+      ansibleguy.opnsense.dhcp_general:
+        enabled: "{{ dhcp_enabled }}"
+        interfaces: "{{ dhcp_interfaces }}"
+      delegate_to: localhost

-    - name: Printing entries
-      ansible.builtin.debug:
-        var: existing_entries.data
+    - name: Add subnet
+      ansibleguy.opnsense.dhcp_subnet:
+        subnet: "{{ item.subnet }}"
+        pools: "{{ item.pools }}"
+        auto_options: false
+        gateway: '{{ item.gateway }}'
+        dns: '{{ item.dns }}'
+        domain: '{{ item.domain }}'
+        reload: false
+      delegate_to: localhost
+      loop: "{{ dhcp_subnets }}"

-    - name: Generate csv from template
-      ansible.builtin.template:
-        src: ../templates/hosts.j2
-        mode: "0644"
-        dest: "/data/output.csv"
+    - name: Get all dhcp_reservations_* variables from hostvars
+      ansible.builtin.set_fact:
+        all_dhcp_reservations: >-
+          {{
+            hostvars[inventory_hostname] | dict2items
+            | selectattr('key', 'match', '^dhcp_reservations_')
+            | map(attribute='value')
+            | flatten
+            | selectattr('type', 'match', 'static')
+          }}
+
+    - name: Add DHCP Reservations
+      ansibleguy.opnsense.dhcp_reservation:
+        hostname: "{{ item.hostname }}"
+        mac: "{{ item.mac }}"
+        ip: "{{ item.address }}"
+        subnet: "{{ item.address | ansible.utils.ipsubnet(24) }}"
+        description: "{{ item.description | default('') }}"
+        reload: false
+      delegate_to: localhost
+      loop: "{{ all_dhcp_reservations }}"
+
+    - name: Add HAProxy