feat: initialize Terraform Plugin Framework (#23)

* feat: initialize Terraform Plugin Framework * fix docker-compose path for tests * fix: ensure documentation can be generated with old provider SDK and new plugin framework * lint
2025-02-24 00:11:41 +01:00
parent ccde06a322
commit 325d7b7f20
91 changed files with 1005 additions and 705 deletions
--- a/docs/data-sources/account.md
+++ b/docs/data-sources/account.md
@@ -8,7 +8,7 @@ description: |-

 # unifi_account (Data Source)

-`unifi_account` data source can be used to retrieve RADIUS user accounts
+unifi_account data source can be used to retrieve RADIUS user accounts



@@ -30,5 +30,3 @@ description: |-
 - `password` (String, Sensitive) The password of the account.
 - `tunnel_medium_type` (Number) See RFC2868 section 3.2
 - `tunnel_type` (Number) See RFC2868 section 3.1
-
-
--- a/docs/data-sources/ap_group.md
+++ b/docs/data-sources/ap_group.md
@@ -28,5 +28,3 @@ data "unifi_ap_group" "default" {
 ### Read-Only

 - `id` (String) The ID of this AP group.
-
-
--- a/docs/data-sources/network.md
+++ b/docs/data-sources/network.md
@@ -83,5 +83,3 @@ data "unifi_network" "my_network" {
 - `wan_type_v6` (String) Specifies the IPV6 WAN connection type. Must be one of either `disabled`, `static`, or `dhcpv6`.
 - `wan_username` (String) Specifies the IPV4 WAN username.
 - `x_wan_password` (String) Specifies the IPV4 WAN password.
-
-
--- a/docs/data-sources/port_profile.md
+++ b/docs/data-sources/port_profile.md
@@ -28,5 +28,3 @@ data "unifi_port_profile" "all" {
 ### Read-Only

 - `id` (String) The ID of this port profile.
-
-
--- a/docs/data-sources/radius_profile.md
+++ b/docs/data-sources/radius_profile.md
@@ -23,5 +23,3 @@ description: |-
 ### Read-Only

 - `id` (String) The ID of this AP group.
-
-
--- a/docs/data-sources/user.md
+++ b/docs/data-sources/user.md
@@ -42,5 +42,3 @@ data "unifi_user" "client" {
 - `network_id` (String) The network ID for this user.
 - `note` (String) A note with additional information for the user.
 - `user_group_id` (String) The user group ID for the user.
-
-
--- a/docs/data-sources/user_group.md
+++ b/docs/data-sources/user_group.md
@@ -25,5 +25,3 @@ description: |-
 - `id` (String) The ID of this AP group.
 - `qos_rate_max_down` (Number)
 - `qos_rate_max_up` (Number)
-
-
--- a/docs/index.md
+++ b/docs/index.md
@@ -13,16 +13,14 @@ It is not recommended to use your own account for management of your controller.
 Terraform is recommended. You can create a **Limited Admin** with **Local Access Only** and
 provide that information for authentication. Two-factor authentication is not supported in the provider.

-It is recommended to use API Key authentication, if you are on controller version 9.0.108 or higher.
-
 ## Example Usage

 ```terraform
 provider "unifi" {
-  api_key  = var.api_key  # optionally use UNIFI_API_KEY env var
  username = var.username # optionally use UNIFI_USERNAME env var
  password = var.password # optionally use UNIFI_PASSWORD env var
-  api_url  = var.api_url  # optionally use UNIFI_API env var
+  api_key = var.api_key  # optionally use UNIFI_API_KEY env var
+  api_url = var.api_url  # optionally use UNIFI_API env var

  # you may need to allow insecure TLS communications unless you have configured
  # certificates for your controller
@@ -33,25 +31,14 @@ provider "unifi" {
 }
 ```

-### Obtaining an API Key
-
-1. Open your Site in UniFi Site Manager
-2. Click on Control Plane -> Admins & Users.
-3. Select your Admin user.
-4. Click Create API Key.
-5. Add a name for your API Key.
-6. Copy the key and store it securely, as it will only be displayed once.
-7. Click Done to ensure the key is hashed and securely stored.
-8. Use the API Key 🎉
-
 <!-- schema generated by tfplugindocs -->
 ## Schema

 ### Optional

 - `allow_insecure` (Boolean) Skip verification of TLS certificates of API requests. You may need to set this to `true` if you are using your local API without setting up a signed certificate. Can be specified with the `UNIFI_INSECURE` environment variable.
- `api_key` (String) API key for the user accessing the API. Can be specified with the `UNIFI_API_KEY` environment variable. Requires controller version 9.0.108 or higher and `username` and `password` to be empty
+- `api_key` (String, Sensitive) API Key for the user accessing the API. Can be specified with the `UNIFI_API_KEY` environment variable. Controller version 9.0.108 or later is required.
 - `api_url` (String) URL of the controller API. Can be specified with the `UNIFI_API` environment variable. You should **NOT** supply the path (`/api`), the SDK will discover the appropriate paths. This is to support UDM Pro style API paths as well as more standard controller paths.
- `password` (String) Password for the user accessing the API. Can be specified with the `UNIFI_PASSWORD` environment variable.
+- `password` (String, Sensitive) Password for the user accessing the API. Can be specified with the `UNIFI_PASSWORD` environment variable.
 - `site` (String) The site in the Unifi controller this provider will manage. Can be specified with the `UNIFI_SITE` environment variable. Default: `default`
 - `username` (String) Local user name for the Unifi controller API. Can be specified with the `UNIFI_USERNAME` environment variable.
--- a/docs/resources/account.md
+++ b/docs/resources/account.md
@@ -41,5 +41,3 @@ NOTE: MAC-based authentication accounts can only be used for wireless and wired
 ### Read-Only

 - `id` (String) The ID of the account.
-
-
--- a/docs/resources/device.md
+++ b/docs/resources/device.md
@@ -90,6 +90,5 @@ Optional:
 - `aggregate_num_ports` (Number) Number of ports in the aggregate.
 - `name` (String) Human-readable name of the port.
 - `op_mode` (String) Operating mode of the port, valid values are `switch`, `mirror`, and `aggregate`. Defaults to `switch`.
+- `poe_mode` (String) PoE mode of the port; valid values are `auto`, `pasv24`, `passthrough`, and `off`.
 - `port_profile_id` (String) ID of the Port Profile used on this port.
-
-
--- a/docs/resources/dynamic_dns.md
+++ b/docs/resources/dynamic_dns.md
@@ -43,5 +43,3 @@ resource "unifi_dynamic_dns" "test" {
 ### Read-Only

 - `id` (String) The ID of the dynamic DNS.
-
-
--- a/docs/resources/firewall_group.md
+++ b/docs/resources/firewall_group.md
@@ -41,5 +41,3 @@ resource "unifi_firewall_group" "can_print" {
 ### Read-Only

 - `id` (String) The ID of the firewall group.
-
-
--- a/docs/resources/network.md
+++ b/docs/resources/network.md
@@ -67,9 +67,9 @@ resource "unifi_network" "wan" {
 - `dhcpd_boot_filename` (String) Specifies the file to PXE boot from on the dhcpd_boot_server.
 - `dhcpd_boot_server` (String) Specifies the IPv4 address of a TFTP server to network boot from.
 - `domain_name` (String) The domain name of this network.
+- `enabled` (Boolean) Specifies whether this network is enabled or not. Defaults to `true`.
 - `igmp_snooping` (Boolean) Specifies whether IGMP snooping is enabled or not.
 - `internet_access_enabled` (Boolean) Specifies whether this network should be allowed to access the internet or not. Defaults to `true`.
- `intra_network_access_enabled` (Boolean) Specifies whether this network should be allowed to access other local networks or not. Defaults to `true`.
 - `ipv6_interface_type` (String) Specifies which type of IPv6 connection to use. Must be one of either `static`, `pd`, or `none`. Defaults to `none`.
 - `ipv6_pd_interface` (String) Specifies which WAN interface to use for IPv6 PD. Must be one of either `wan` or `wan2`.
 - `ipv6_pd_prefixid` (String) Specifies the IPv6 Prefix ID.
@@ -82,6 +82,7 @@ resource "unifi_network" "wan" {
 - `ipv6_static_subnet` (String) Specifies the static IPv6 subnet when `ipv6_interface_type` is 'static'.
 - `multicast_dns` (Boolean) Specifies whether Multicast DNS (mDNS) is enabled or not on the network (Controller >=v7).
 - `network_group` (String) The group of the network. Defaults to `LAN`.
+- `network_isolation_enabled` (Boolean) Specifies whether this network should be isolated from other networks or not. Defaults to `false`.
 - `site` (String) The name of the site to associate the network with.
 - `subnet` (String) The subnet of the network. Must be a valid CIDR address.
 - `vlan_id` (Number) The VLAN ID of the network.
--- a/docs/resources/port_forward.md
+++ b/docs/resources/port_forward.md
@@ -31,5 +31,3 @@ description: |-
 ### Read-Only

 - `id` (String) The ID of the port forwarding rule.
-
-
--- a/docs/resources/port_profile.md
+++ b/docs/resources/port_profile.md
@@ -46,6 +46,7 @@ resource "unifi_port_profile" "poe_disabled" {
 - `dot1x_idle_timeout` (Number) The timeout, in seconds, to use when using the MAC Based 802.1X control. Can be between 0 and 65535 Defaults to `300`.
 - `egress_rate_limit_kbps` (Number) The egress rate limit, in kpbs, for the port profile. Can be between `64` and `9999999`.
 - `egress_rate_limit_kbps_enabled` (Boolean) Enable egress rate limiting for the port profile. Defaults to `false`.
+- `excluded_network_ids` (Set of String) List of network IDs to exclude on the port profile when forward is set to customize.
 - `forward` (String) The type forwarding to use for the port profile. Can be `all`, `native`, `customize` or `disabled`. Defaults to `native`.
 - `full_duplex` (Boolean) Enable full duplex for the port profile. Defaults to `false`.
 - `isolation` (Boolean) Enable port isolation for the port profile. Defaults to `false`.
@@ -62,7 +63,7 @@ resource "unifi_port_profile" "poe_disabled" {
 - `priority_queue3_level` (Number) The priority queue 3 level for the port profile. Can be between 0 and 100.
 - `priority_queue4_level` (Number) The priority queue 4 level for the port profile. Can be between 0 and 100.
 - `site` (String) The name of the site to associate the port profile with.
- `speed` (Number) The link speed to set for the port profile. Can be one of `10`, `100`, `1000`, `2500`, `5000`, `10000`, `20000`, `25000`, `40000`, `50000` or `100000`
+- `speed` (Number) The link speed to set for the port profile in Mbps. Can be one of `10`, `100`, `1000`, `2500`, `5000`, `10000`, `20000`, `25000`, `40000`, `50000` or `100000`. When `autoneg` is true, this setting is ignored.
 - `stormctrl_bcast_enabled` (Boolean) Enable broadcast Storm Control for the port profile. Defaults to `false`.
 - `stormctrl_bcast_level` (Number) The broadcast Storm Control level for the port profile. Can be between 0 and 100.
 - `stormctrl_bcast_rate` (Number) The broadcast Storm Control rate for the port profile. Can be between 0 and 14880000.
@@ -74,11 +75,9 @@ resource "unifi_port_profile" "poe_disabled" {
 - `stormctrl_ucast_level` (Number) The unknown unicast Storm Control level for the port profile. Can be between 0 and 100.
 - `stormctrl_ucast_rate` (Number) The unknown unicast Storm Control rate for the port profile. Can be between 0 and 14880000.
 - `stp_port_mode` (Boolean) Enable spanning tree protocol on the port profile. Defaults to `true`.
- `tagged_networkconf_ids` (Set of String) The IDs of networks to tag traffic with for the port profile.
+- `tagged_vlan_mgmt` (String) The VLAN management type for the port profile. Can be one of 'auto', 'block_all', or 'custom'.
 - `voice_networkconf_id` (String) The ID of network to use as the voice network on the port profile.

 ### Read-Only

 - `id` (String) The ID of the port profile.
-
-
--- a/docs/resources/radius_profile.md
+++ b/docs/resources/radius_profile.md
@@ -60,5 +60,3 @@ Required:
 Optional:

 - `port` (Number) Port of authentication service. Defaults to `1812`.
-
-
--- a/docs/resources/setting_mgmt.md
+++ b/docs/resources/setting_mgmt.md
@@ -49,5 +49,3 @@ Optional:

 - `comment` (String) Comment.
 - `key` (String) Public SSH key.
-
-
--- a/docs/resources/setting_radius.md
+++ b/docs/resources/setting_radius.md
@@ -29,5 +29,3 @@ description: |-
 ### Read-Only

 - `id` (String) The ID of the settings.
-
-
--- a/docs/resources/setting_usg.md
+++ b/docs/resources/setting_usg.md
@@ -18,14 +18,9 @@ description: |-
 ### Optional

 - `dhcp_relay_servers` (List of String) The DHCP relay servers.
- `firewall_guest_default_log` (Boolean) Whether the guest firewall log is enabled.
- `firewall_lan_default_log` (Boolean) Whether the LAN firewall log is enabled.
- `firewall_wan_default_log` (Boolean) Whether the WAN firewall log is enabled.
 - `multicast_dns_enabled` (Boolean) Whether multicast DNS is enabled.
 - `site` (String) The name of the site to associate the settings with.

 ### Read-Only

 - `id` (String) The ID of the settings.
-
-
--- a/docs/resources/static_route.md
+++ b/docs/resources/static_route.md
@@ -56,5 +56,3 @@ resource "unifi_static_route" "interface" {
 ### Read-Only

 - `id` (String) The ID of the static route.
-
-
--- a/docs/resources/user.md
+++ b/docs/resources/user.md
@@ -52,5 +52,3 @@ resource "unifi_user" "test" {
 - `hostname` (String) The hostname of the user.
 - `id` (String) The ID of the user.
 - `ip` (String) The IP address of the user.
-
-
--- a/docs/resources/wlan.md
+++ b/docs/resources/wlan.md
@@ -55,7 +55,7 @@ resource "unifi_wlan" "wifi" {

 ### Required

- `name` (String) The SSID of the network.
+- `name` (String) The SSID of the network. SSID length must be between 1 and 32 characters.
 - `security` (String) The type of WiFi security for this network. Valid values are: `wpapsk`, `wpaeap`, and `open`.
 - `user_group_id` (String) ID of the user group to use for this network.