Merge branch 'latest' into acme

ansibleguy · Jan 5, 2025 · d53a138 · d53a138
2 parents a9889eb + e761060
commit d53a138
Show file tree

Hide file tree

Showing 6 changed files with 104 additions and 20 deletions.
diff --git a/README.md b/README.md
@@ -45,41 +45,38 @@ If you DO NOT want to use Ansible - [this fork](https://github.com/O-X-L/opnsens
 
 ----
 
-## Advertisement
-
-* Need **professional support** using Ansible or OPNSense? Contact us:
-
-  E-Mail: [[email protected]](mailto:[email protected])
+## Contribute
 
-  Tel: [+43 3115 40 900 0](tel:+433115409000)
+Feel free to contribute to this project using [pull-requests](https://github.com/ansibleguy/collection_opnsense/pulls), [issues](https://github.com/ansibleguy/collection_opnsense/issues) and [discussions](https://github.com/ansibleguy/collection_opnsense/discussions)!
 
-  Web: [EN](https://www.o-x-l.com) | [DE](https://www.oxl.at)
+See also: [Contributing](https://github.com/ansibleguy/collection_opnsense/blob/latest/CONTRIBUTING.md)
 
-  Language: German or English
+<img src="https://contrib.rocks/image?repo=ansibleguy/collection_opnsense&max=7" />
 
-* You want a simple **Ansible GUI**?
+----
 
-  Check-out this [Ansible WebUI](https://github.com/ansibleguy/webui)
+## Version Support
 
-* It was a lot of work (100+ hours) to get those modules working.
+The `ansibleguy.opnsense` modules always support the latest version of OPNSense.
 
-  If you are happy with the functionality they provide: please [consider donating a few bucks](https://ko-fi.com/ansible0guy)
+If an API changed, the current module-implementation might fail for firewalls running an older firmware.
 
 ----
 
-## Contribute
+## Advertisement
 
-Feel free to contribute to this project using [pull-requests](https://github.com/ansibleguy/collection_opnsense/pulls), [issues](https://github.com/ansibleguy/collection_opnsense/issues) and [discussions](https://github.com/ansibleguy/collection_opnsense/discussions)!
+* Need **professional support** using Ansible or OPNSense? Contact us:
 
-See also: [Contributing](https://github.com/ansibleguy/collection_opnsense/blob/latest/CONTRIBUTING.md)
+  E-Mail: [[email protected]](mailto:[email protected])
 
-----
+  Tel: [+43 3115 40 900 0](tel:+433115409000)
 
-## Version Support
+  Web: [EN](https://www.o-x-l.com) | [DE](https://www.oxl.at)
 
-The `ansibleguy.opnsense` modules always support the latest version of OPNSense.
 
-If an API changed, the current module-implementation might fail for firewalls running an older firmware.
+* You want a simple **Ansible GUI**?
+
+  Check-out this [Ansible WebUI](https://github.com/ansibleguy/webui)
 
 ----
 

diff --git a/plugins/module_utils/main/interface_vip.py b/plugins/module_utils/main/interface_vip.py
@@ -20,6 +20,7 @@ class Vip(BaseModule):
     FIELDS_CHANGE = [
         'address', 'mode', 'expand', 'bind', 'gateway', 'password', 'vhid',
         'advertising_base', 'advertising_skew', 'description', 'interface',
+        'peer', 'peer6',
     ]
     FIELDS_ALL = FIELDS_CHANGE
     FIELDS_TRANSLATE = {

diff --git a/plugins/modules/interface_vip.py b/plugins/modules/interface_vip.py
@@ -51,6 +51,18 @@ def run_module():
             description='For some interface types a gateway is required to configure an '
                         'IP Alias (ppp/pppoe/tun), leave this field empty for all other interface types'
         ),
+        peer=dict(
+            type='str', required=False,
+            description='Destination address to use when announcing, defaults to multicast, '
+                        'but can be configured as unicast address when multicast can not be '
+                        'used (for example with cloud providers)'
+        ),
+        peer6=dict(
+            type='str', required=False,
+            description='Destination address to use when announcing, defaults to multicast, '
+                        'but can be configured as unicast address when multicast can not be '
+                        'used (for example with cloud providers)'
+        ),
         password=dict(
             type='str', required=False, aliases=['pwd'],
             description='VHID group password', no_log=True,

diff --git a/requirements_test.txt b/requirements_test.txt
@@ -1 +1,2 @@
-jmespath
+jmespath
+httpx
diff --git a/tests/1_cleanup.yml b/tests/1_cleanup.yml
@@ -216,6 +216,7 @@
       loop:
         - {int: 'lan', ip: '192.168.1.1/30'}
         - {int: 'opt1', ip: '192.168.2.1/24'}
+        - {int: 'opt1', ip: '2001:db8::1/128'}
 
     - name: Cleanup vlan interfaces
       ansibleguy.opnsense.interface_vlan:

diff --git a/tests/interface_vip.yml b/tests/interface_vip.yml
@@ -94,6 +94,77 @@
         not opn7.changed
       when: not ansible_check_mode
 
+    - name: Adding 3 - unicast peer
+      ansibleguy.opnsense.interface_vip:
+        interface: 'opt1'
+        address: '192.168.2.1/24'
+        mode: 'carp'
+        peer: '192.168.3.3'
+        vhid: 10
+        password: 'top_secret'
+        advertising_base: 2
+        advertising_skew: 1
+        bind: false
+      register: opn_carpuni1
+      failed_when: >
+        opn_carpuni1.failed or
+        not opn_carpuni1.changed
+
+    - name: Removing 3
+      ansibleguy.opnsense.interface_vip:
+        interface: 'opt1'
+        address: '192.168.2.1/24'
+        state: 'absent'
+      register: opn_carpuni2
+      failed_when: >
+        opn_carpuni2.failed or
+        not opn_carpuni2.changed
+      when: not ansible_check_mode
+
+    - name: Adding 4 - unicast peer6
+      ansibleguy.opnsense.interface_vip:
+        interface: 'opt1'
+        address: '2001:db8::1/128'
+        mode: 'carp'
+        peer6: '2001:db8::3'
+        vhid: 10
+        password: 'top_secret'
+        advertising_base: 2
+        advertising_skew: 1
+        bind: false
+      register: opn_carpuni3
+      failed_when: >
+        opn_carpuni3.failed or
+        not opn_carpuni3.changed
+
+    - name: Adding 4 - nothing changed
+      ansibleguy.opnsense.interface_vip:
+        interface: 'opt1'
+        address: '2001:db8::1/128'
+        mode: 'carp'
+        peer6: '2001:db8::3'
+        vhid: 10
+        password: 'top_secret'
+        advertising_base: 2
+        advertising_skew: 1
+        bind: false
+      register: opn_carpuni4
+      failed_when: >
+        opn_carpuni4.failed or
+        opn_carpuni4.changed
+      when: not ansible_check_mode
+
+    - name: Removing 4
+      ansibleguy.opnsense.interface_vip:
+        interface: 'opt1'
+        address: '2001:db8::1/128'
+        state: 'absent'
+      register: opn_carpuni4
+      failed_when: >
+        opn_carpuni4.failed or
+        not opn_carpuni4.changed
+      when: not ansible_check_mode
+
     - name: Listing
       ansibleguy.opnsense.list:
       register: opn8
@@ -110,6 +181,7 @@
       loop:
         - {int: 'lan', ip: '192.168.1.1/30'}
         - {int: 'opt1', ip: '192.168.2.1/24'}
+        - {int: 'opt1', ip: '2001:db8::1/128'}
       when: not ansible_check_mode
 
     - name: Listing