Tip

Check out the repository on GitHub

Route

STATE: unstable

TESTS: Playbook

API Docs: Core - Routes

Service Docs: Routes

Definition

Definition

Parameter

Type

Required

Default

Aliases

Comment

gateway

string

true

-

gw

An existing gateway that should be used as target for the network. The network ip protocol (IPv4/IPv6) must be the same! WARNING: You need to supply the gateways short-name as can be seen in the WEB-UI menu ‘System - Gateways - Single - Name’

network

string

true

-

nw, net

Network to route. The network ip protocol (IPv4/IPv6) must be the same!

description

string

false

-

desc

Optional description for the route. Could be used as unique-identifier when set as only ‘match_field’.

match_fields

list of strings

false

[‘network’, ‘gateway’]

-

Fields that are used to match configured routes with the running config - if any of those fields are changed, the module will think it’s a new route

reload

boolean

false

true

-

If the running config should be reloaded on change - this may take some time. For mass-managing items you might want to reload it ‘manually’ after all changes are done => using the ansibleguy.opnsense.reload module.

For basic parameters see: Basic

Usage

First you will have to know about route-matching.

The module somehow needs to link the configured and existing routes to manage them.

You can to set how this matching is done by setting the ‘match_fields’ parameter!

The default behaviour is that a route is matched by its ‘gateway’ and ‘network’.

However - it is recommended to use/set ‘description’ as unique identifier if many routes are used.

Examples

- hosts: localhost
  gather_facts: no
  module_defaults:
    group/ansibleguy.opnsense.all:
      firewall: 'opnsense.template.ansibleguy.net'
      api_credential_file: '/home/guy/.secret/opn.key'

    ansibleguy.opnsense.route:
      match_fields: ['description']

    ansibleguy.opnsense.list:
      target: 'route'

  tasks:
    - name: Example
      ansibleguy.opnsense.route:
        description: 'test1'
        network: '172.16.0.0/12'
        gateway: 'LAN_GW'
        # match_fields: ['description']
        # enabled: true
        # debug: false
        # state: 'present'

    - name: Adding route
      ansibleguy.opnsense.route:
        description: 'test2'
        network: '10.206.0.0/16'
        gateway: 'VPN_GW'
        # match_fields: ['description']

    - name: Disabling route
      ansibleguy.opnsense.route:
        description: 'test3'
        network: '10.55.0.0/16'
        gateway: 'VPN_GW'
        enabled: false
        # match_fields: ['description']

    - name: Listing routes
      ansibleguy.opnsense.list:
      #  target: 'route'
      register: existing_entries

    - name: Printing routes
      ansible.builtin.debug:
        var: existing_entries.data

    - name: Removing route 'test3'
      ansibleguy.opnsense.route:
        description: 'test3'
        network: '10.55.0.0/16'
        gateway: 'VPN_GW'
        state: 'absent'
        match_fields: ['description']