Messages - MoeK

#1
Hi,

So the basic command for getting information would be something like this:
curl -k -u {{ opnsense_key }}:{{ opnsense_secret }} https://{{ fwhost }}/api/wireguard/client/searchClient

Sadly I'm also struggling with the creation of users through the API:
https://forum.opnsense.org/index.php?topic=30810.0

From what I have found, something like this should work:
curl -X POST -d '{"enabled":"1","name":"test.user","pubkey":"$key","tunneladdress":"xxx.xxx.xxx.xxx/xx"}' -H "Content-Type: application/json" -k -u $key:$secret https://$IP/api/wireguard/client/addClient
Where you could run it in a Python script and pass the different values for the variables.

Sadly this isn't working for me right now, but I hope it helped at least a bit.
#2
Hello,

I'm trying to create Wireguard users through the OPNsense API.
To automate it I'm using Ansible.

So I run this command to get all the users:
- name: Get existing users
  ansible.builtin.uri:
    url: https://{{ fwhost }}/api/wireguard/client/searchClient
    method: GET
    user: "{{ opnsense_key }}"
    password: "{{ opnsense_secret }}"
    force_basic_auth: true
    validate_certs: false
    return_content: false
  register: wg

Which is the same as
curl -k -u {{ opnsense_key }}:{{ opnsense_secret }} https://{{ fwhost }}/api/wireguard/client/searchClient
It is working fine and I get all the info for the users.

Now when I try to create users with the command:
- name: Create users
  ansible.builtin.uri:
    url: https://{{ fwhost }}/api/wireguard/client/addClient
    method: POST
    url_username: "{{ opnsense_key }}"
    url_password: "{{ opnsense_secret }}"
    force_basic_auth: true
    validate_certs: false
    return_content: true
    headers:
      Content-Type: application/json
    body_format: json
    body:
      enabled: true
      name: "{{ item.key }}"
      pubkey: "{{ keys }}"
      tunneladdress: "{{ item.value.tunneladdress }}"
  with_dict:
    - "{{ wireguard_users }}"
  register: result

Then I just get the message: "result": "failed"

I have not found any information on this error or how to use the API for Wireguard except this https://docs.opnsense.org/development/api/plugins/wireguard.html which is not very helpful.

When I run the curl command
curl -X POST -d '{"enabled":"1","name":"test.user","pubkey":"$key","tunneladdress":"xxx.xxx.xxx.xxx/xx"}' -H "Content-Type: application/json" -k -u $key:$secret https://$IP/api/wireguard/client/addClient
I get the same message {"result":"failed"}.

There is nothing to find in any log files, so what am I doing wrong?

Thank you in advance.
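
Added example, not code from the posts above or from the OPNsense project: building the addClient request in Python, as post #1 suggests, with the body produced by json.dumps so the key value is really substituted (inside the single-quoted curl body "$key" is sent literally), the fields checked locally, and the certificate verified against a CA file instead of -k / validate_certs: false. Assumptions: the fields are wrapped under a top-level "client" key, as OPNsense model-backed endpoints generally expect (the page does not confirm this); the host name, CA file path and sample values are constructed.

```python
import base64
import ipaddress
import json
import ssl
import urllib.request


def validate_client(name, pubkey, tunneladdress):
    """Check the fields locally; the API itself only answers {"result":"failed"}."""
    if not name:
        raise ValueError("name is empty")
    # Raises ValueError on non-base64 input, e.g. an unexpanded literal "$key".
    raw = base64.b64decode(pubkey, validate=True)
    if len(raw) != 32:
        raise ValueError("a WireGuard public key decodes to 32 bytes")
    ipaddress.ip_interface(tunneladdress)  # ValueError on a bad address or prefix


def build_add_client(host, api_key, api_secret, name, pubkey, tunneladdress):
    """Return the POST request without sending it."""
    validate_client(name, pubkey, tunneladdress)
    fields = {"enabled": "1", "name": name, "pubkey": pubkey,
              "tunneladdress": tunneladdress}
    # Assumption: payload wrapped under "client" (not confirmed on the page).
    body = json.dumps({"client": fields}).encode()
    token = base64.b64encode(f"{api_key}:{api_secret}".encode()).decode()
    return urllib.request.Request(
        f"https://{host}/api/wireguard/client/addClient",
        data=body,
        method="POST",
        headers={"Content-Type": "application/json",
                 "Authorization": f"Basic {token}"},
    )


def send(request, ca_file):
    """Send with certificate verification on, trusting only ca_file."""
    ctx = ssl.create_default_context(cafile=ca_file)
    with urllib.request.urlopen(request, context=ctx, timeout=10) as resp:
        return json.loads(resp.read())


if __name__ == "__main__":
    demo_key = base64.b64encode(bytes(range(32))).decode()  # constructed, not a real key
    req = build_add_client("fw.example.test", "KEY", "SECRET",
                           "test.user", demo_key, "10.10.10.2/32")
    print(req.get_method(), req.full_url)
    print(req.data.decode())
    # send(req, "/path/to/firewall-ca.pem")  # hypothetical CA file path
```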
#3
High availability / Cron Jobs not running on backups
October 07, 2022, 10:00:57 AM
Hello.

We have three firewalls in a HA setup.
For this, firewall 1 syncs the config to firewall 2 and 2 syncs it to number 3.

Now we wanted to automate the syncing through the "HA update and reconfigure backup" cronjob.
While it is running fine on firewall 1, number 2 won't run the job automatically.
I looked this up and it seems that this is on purpose on firewalls that are not the master.
But while digging I also noticed that on firewalls 2 and 3 the "update and reload intrusion detection rules" cronjob is also not running at all.

So why are these jobs not running on the standby firewalls?
How can I configure firewall 2 to run the config sync periodically?
Is there any way to run these jobs through the CLI?

Thank you in advance!