Version 3

[rvalle]

We have been using this role for some weeks now, we are gathering ideas for a next major release.

We have identified the following issues:

• the key/value pattern generates very verbose files, would be nice to use plain yml dictionary instead.
• the use of arrays to list properties do not allow for merging, which makes it difficult to share configurations among devices.

With regards to the second point, consider the following example: setting up aliases, when you want some aliases to be present on all devices, some other aliases to be shared for devices in a given group and some aliases to be specific for the device.

Having the ability to merge dictionaries present on multiple files of the catalogue allows for much better structuring and sharing of configuration.

Unfortunately only dictionaries can be merged, as they dont have a particular order of properties, while arrays cannot.

Any other things that could be included in a next release of the role?

[systembell]

Not using this yet but will be soon, and package management (specifically for plugin installation) would be extremely useful, along w/ inclusion of WireGuard in VPN.

[rvalle]

@systembell I have VPN working, but with openvpn. In order to progress further I want to setup automated CI tests, and for that I need a cloud image of the appliance.... or create a script for generating it.

[rudibroekhuizen]

We used the scripts in this repo to create images using packer. You can find an OPNsense VirtualBox image here.

[rvalle]

thanks @rudibroekhuizen, actually I did restart this.

I will try to see if it still goes with the new release.

I have not updated my opnsese, as I don't know if these ansible scripts will continue to work.