I am trying to monitor the status of my WAN gateway using Uptime Kuma and the OPNsense API. Despite my best efforts and google skills, I cannot get it to work and would appreciate any help. The monitor is showing red/down continually and there are no errors in the Uptime Kuma messages area. I am pretty sure it is an error in the way I am configuring Uptime Kuma. Here's what I have done:
1) Setup a new user, with access to the Gateways and generated the key/secret
2) Used CURL -k -u "<key>":"<secret>" https://myIP/api/routes/gateway/status from the Uptime Kuma console and I get the expected response
3) Configured Uptime Kuma as follows:
- Monitor type = HTTP(s)-Json Query and the URL is the same as in step #2
- Json Query expression and associated fields are set to $.status == ok
- Method is GET, body encoding is JSON and body/header fields are blank
- Authentication is set to basic auth and I put the key/secret into the username/password fields
I've tried various combinations of putting the authorization into the header/body, encoding the key/secret into base64, checking/unchecking the "ignore TLS/SSL errors". I'm probably just not using the right combination of things.
I just did that and it works fine the way you described it - although the $.status probably is only the request status, not the status of a specific gateway in the response (you would have to select that).
Of course, you have to have an API key and secret, those must not be quoted in the Uptime Kuma input fields. You can use them verbatim as in the curl parameters. The key must be associated to a user that has the appropriate permissions, but if it did not, you would be getting an error with curl as well.
Since you do not get any qualified error at all: Can your Uptime Kuma instance access the HTTPS port of your OpnSense or is it blocked by a firewall rule? You can check by using a plain HTTPS request.
Thank you Meyergru! You led me to the right solution. In researching how to parse the status of the specific gateway, I realized that I was using the wrong JSON expression notation. Uptime Kuma uses JSONata and not JSONpath. I also learned that if you clear off the last error message and the same error exists, you won't get a new error message. In case anyone else finds this thread:
* You can query for a specific gateway status using: items[name="WAN_DHCP"].status_translated == Online where WAN_DHCP should be replaced with the gateway name you want to monitor
* The correct syntax for a simple API test is status == ok (not $.status == ok)
* Select basic auth from the Authentication method dropdown, put the key in for the username and the secret for the password
If you just need basic up/down monitoring in your home lab, I highly recommend Uptime Puma.