Update README.md #147
Open
Update README.md #147
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Enhance README with detailed instructions for setting up Ansible with pfSense. Expanded the user setup guide to include additional details aimed at users with limited Ansible experience, ensuring clarity and accessibility for beginners.
opoplawski
requested changes
Jan 26, 2025
| @@ -48,15 +48,56 @@ pfSense < 2.4.5: | |||
| ansible_python_interpreter: /usr/local/bin/python2.7 | |||
| ``` | |||
|
|
|||
| Modules must run as root in order to make changes to the system. By default pfSense does not have sudo capability so `become` will not work. You can install it with: | |||
| ``` | |||
| To set up pfSense to be managed by Ansible, ensure the `pfSense-pkg-sudo` package is installed. This package is necessary because Ansible requires root privileges to make changes, and the default pfSense setup lacks sudo capabilities, meaning `become` will not function without it. You can install the package using the following Ansible code or manually install it by navigating to System > Package Manager > Available Packages. | |||
There was a problem hiding this comment.
I don't want to say that you have to install the sudo package - users could still connect to pfsense as root.
| ``` | ||
| To set up pfSense to be managed by Ansible, ensure the `pfSense-pkg-sudo` package is installed. This package is necessary because Ansible requires root privileges to make changes, and the default pfSense setup lacks sudo capabilities, meaning `become` will not function without it. You can install the package using the following Ansible code or manually install it by navigating to System > Package Manager > Available Packages. | ||
|
|
||
| ```yaml |
There was a problem hiding this comment.
I see now that this play would need the inventory setup first. Also, it would definitely need to connect as root.
| - name: "Install packages" | ||
| package: | ||
| name: | ||
| - pfSense-pkg-sudo | ||
| state: present | ||
| ``` | ||
| and then configure sudo so that your user has permission to use sudo. | ||
|
|
||
| Next create a user account under System > User Manager > Users. This account will be used by Ansible to interact with the pfSense firewall. Assign the user to the admins group and configure it with an SSH key for secure access. |
There was a problem hiding this comment.
Could there be an ansible task for this?
|
|
||
| ```ini | ||
| [pfsense] | ||
| 192.168.0.1 ansible_user=ansible ansible_ssh_private_key_file="id_rsa" ansible_become_pass="ansible" |
There was a problem hiding this comment.
I really don't like suggesting people store passwords in plain text files.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Enhance README with detailed instructions for setting up Ansible with pfSense. Expanded the user setup guide to include additional details aimed at users with limited Ansible experience, ensuring clarity and accessibility for beginners.