Unattended setup Zenarmor

[matgel]

Hello Everyone,

We are very happy with Zenarmor and are planning to roll it out widely across our OPNsense firewalls. The only obstacle we're facing is that part of the deployment needs to be done via the web GUI. We'd like to make the setup fully unattended, without using the web GUI.

I am able to pre-install the Zenarmor packages and dependencies (like Elasticsearch), but the configuration through the web GUI also triggers several scripts on the firewall.

During the setup via the web GUI, two scripts are executed:

/bin/sh /usr/local/opnsense/scripts/OPNsense/Zenarmor/reinstall_elasticsearch8.sh false
/usr/local/zenarmor/py_venv/bin/python3 /usr/local/opnsense/scripts/OPNsense/Zenarmor/nodes_status.py

Could you please let me know if it is possible to fully complete the setup without the web GUI, simply by executing the scripts located in /usr/local/opnsense/scripts/OPNsense/Zenarmor/ and will everything word as expected?

Thanks

Mateusz

[ureyni]

Hi @matgel,
Glad to hear that you're enjoying Zenarmor.
As far as I can understand, you'll need a script that takes some parameters like interface to be protected, deployment mode, and maybe a subscription activation key to run and complete the initial configuration screens with a single pass.
Is that correct?
If so, this has been indeed requested by some other clients as well and we have a development ticket for it. Please reach out to support so that we can keep you updated on this - and possibly provide a test package for you to try once we have a beta.
How does that sound?

[matgel]

Hi,

Sounds great. I will send an e-mail to support -at- sunnyvalley.io.

Thanks!