diff --git a/docs/resources/setting_usg.md b/docs/resources/setting_usg.md
new file mode 100644
index 0000000..0ac5931
--- /dev/null
+++ b/docs/resources/setting_usg.md
@@ -0,0 +1,31 @@
+---
+# generated by https://github.com/hashicorp/terraform-plugin-docs
+page_title: "unifi_setting_usg Resource - terraform-provider-unifi"
+subcategory: ""
+description: |-
+ unifi_setting_usg manages settings for a Unifi Security Gateway.
+---
+
+# unifi_setting_usg (Resource)
+
+`unifi_setting_usg` manages settings for a Unifi Security Gateway.
+
+
+
+
+## Schema
+
+### Optional
+
+- **dhcp_relay_servers** (List of String) The DHCP relay servers.
+- **firewall_guest_default_log** (Boolean) Whether the guest firewall log is enabled.
+- **firewall_lan_default_log** (Boolean) Whether the LAN firewall log is enabled.
+- **firewall_wan_default_log** (Boolean) Whether the WAN firewall log is enabled.
+- **multicast_dns_enabled** (Boolean) Whether multicast DNS is enabled.
+- **site** (String) The name of the site to associate the settings with.
+
+### Read-Only
+
+- **id** (String) The ID of the settings.
+
+
diff --git a/internal/provider/lazy_client.go b/internal/provider/lazy_client.go
index c0a510d..4762170 100644
--- a/internal/provider/lazy_client.go
+++ b/internal/provider/lazy_client.go
@@ -512,3 +512,15 @@ func (c *lazyClient) UpdateSettingMgmt(ctx context.Context, site string, d *unif
 }
 return c.inner.UpdateSettingMgmt(ctx, site, d)
 }
+func (c *lazyClient) GetSettingUsg(ctx context.Context, site string) (*unifi.SettingUsg, error) {
+ if err := c.init(ctx); err != nil {
+ return nil, err
+ }
+ return c.inner.GetSettingUsg(ctx, site)
+}
+func (c *lazyClient) UpdateSettingUsg(ctx context.Context, site string, d *unifi.SettingUsg) (*unifi.SettingUsg, error) {
+ if err := c.init(ctx); err != nil {
+ return nil, err
+ }
+ return c.inner.UpdateSettingUsg(ctx, site, d)
+}
diff --git a/internal/provider/provider.go b/internal/provider/provider.go
index 48b0207..5373d55 100644
--- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -91,7 +91,9 @@ func New(version string) func() *schema.Provider { "unifi_user_group": resourceUserGroup(), "unifi_user": resourceUser(), "unifi_wlan": resourceWLAN(), - "unifi_setting_mgmt": resourceSettingMgmt(), + + "unifi_setting_mgmt": resourceSettingMgmt(), + "unifi_setting_usg": resourceSettingUsg(), }, } @@ -209,7 +211,9 @@ type unifiClient interface { UpdateDynamicDNS(ctx context.Context, site string, d *unifi.DynamicDNS) (*unifi.DynamicDNS, error) GetSettingMgmt(ctx context.Context, id string) (*unifi.SettingMgmt, error) + GetSettingUsg(ctx context.Context, id string) (*unifi.SettingUsg, error) UpdateSettingMgmt(ctx context.Context, site string, d *unifi.SettingMgmt) (*unifi.SettingMgmt, error) + UpdateSettingUsg(ctx context.Context, site string, d *unifi.SettingUsg) (*unifi.SettingUsg, error) } type client struct { diff --git a/internal/provider/resource_setting_usg.go b/internal/provider/resource_setting_usg.go new file mode 100644 index 0000000..86e61ab --- /dev/null +++ b/internal/provider/resource_setting_usg.go 
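Review bot: The `GetSettingUsg` line added to `unifiClient` in the second hunk names its second parameter `id`, but the `lazyClient` method added in this commit and the callers in `resource_setting_usg.go` pass a site name there. Declaring it as `GetSettingUsg(ctx context.Context, site string) (*unifi.SettingUsg, error)` keeps the interface in step with `UpdateSettingUsg` beside it and avoids a reader passing a settings ID. The interface declaration starts above the hunk.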
@@ -0,0 +1,171 @@
+package provider
+
+import (
+ "context"
+ "fmt"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/diag"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+ "github.com/paultyng/go-unifi/unifi"
+)
+
+func resourceSettingUsg() *schema.Resource {
+ return &schema.Resource{
+ Description: "`unifi_setting_usg` manages settings for a Unifi Security Gateway.",
+
+ CreateContext: resourceSettingUsgUpsert,
+ ReadContext: resourceSettingUsgRead,
+ UpdateContext: resourceSettingUsgUpsert,
+ DeleteContext: schema.NoopContext,
+ Importer: &schema.ResourceImporter{
+ StateContext: importSiteAndID,
+ },
+
+ Schema: map[string]*schema.Schema{
+ "id": {
+ Description: "The ID of the settings.",
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "site": {
+ Description: "The name of the site to associate the settings with.",
+ Type: schema.TypeString,
+ Computed: true,
+ Optional: true,
+ ForceNew: true,
+ },
+ "multicast_dns_enabled": {
+ Description: "Whether multicast DNS is enabled.",
+ Type: schema.TypeBool,
+ Optional: true,
+ Computed: true,
+ },
+ "firewall_guest_default_log": {
+ Description: "Whether the guest firewall log is enabled.",
+ Type: schema.TypeBool,
+ Optional: true,
+ Computed: true,
+ },
+ "firewall_lan_default_log": {
+ Description: "Whether the LAN firewall log is enabled.",
+ Type: schema.TypeBool,
+ Optional: true,
+ Computed: true,
+ },
+ "firewall_wan_default_log": {
+ Description: "Whether the WAN firewall log is enabled.",
+ Type: schema.TypeBool,
+ Optional: true,
+ Computed: true,
+ },
+ "dhcp_relay_servers": {
+ Description: "The DHCP relay servers.",
+ Type: schema.TypeList,
+ Optional: true,
+ Computed: true,
+ MaxItems: 5,
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ ValidateFunc: validation.All(
+ validation.IsIPv4Address,
+ // this doesn't let blank through
+ validation.StringLenBetween(1, 50),
+ ),
+ },
+ },
+ },
+ }
+}
+
+func resourceSettingUsgUpdateResourceData(d *schema.ResourceData, meta interface{}, setting *unifi.SettingUsg) error {
+ setting.MdnsEnabled = d.Get("multicast_dns_enabled").(bool)
+
+ setting.FirewallGuestDefaultLog = d.Get("firewall_guest_default_log").(bool)
+ setting.FirewallLanDefaultLog = d.Get("firewall_lan_default_log").(bool)
+ setting.FirewallWANDefaultLog = d.Get("firewall_wan_default_log").(bool)
+
+ dhcpRelay, err := listToStringSlice(d.Get("dhcp_relay_servers").([]interface{}))
+ if err != nil {
+ return fmt.Errorf("unable to convert dhcp_relay_servers to string slice: %w", err)
+ }
+ setting.DHCPRelayServer1 = append(dhcpRelay, "")[0]
+ setting.DHCPRelayServer2 = append(dhcpRelay, "", "")[1]
+ setting.DHCPRelayServer3 = append(dhcpRelay, "", "", "")[2]
+ setting.DHCPRelayServer4 = append(dhcpRelay, "", "", "", "")[3]
+ setting.DHCPRelayServer5 = append(dhcpRelay, "", "", "", "", "")[4]
+
+ return nil
+}
+
+func resourceSettingUsgUpsert(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ c := meta.(*client)
+
+ site := d.Get("site").(string)
+ if site == "" {
+ site = c.site
+ }
+
+ req, err := c.c.GetSettingUsg(ctx, c.site)
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ err = resourceSettingUsgUpdateResourceData(d, meta, req)
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ resp, err := c.c.UpdateSettingUsg(ctx, site, req)
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ d.SetId(resp.ID)
+ return resourceSettingUsgSetResourceData(resp, d, meta, site)
+}
+
+func resourceSettingUsgSetResourceData(resp *unifi.SettingUsg, d *schema.ResourceData, meta interface{}, site string) diag.Diagnostics {
+ d.Set("site", site)
+ d.Set("multicast_dns_enabled", resp.MdnsEnabled)
+ d.Set("firewall_guest_default_log", resp.FirewallGuestDefaultLog)
+ d.Set("firewall_lan_default_log", resp.FirewallLanDefaultLog)
+ d.Set("firewall_wan_default_log", resp.FirewallWANDefaultLog)
+
+ dhcpRelay := []string{}
+ for _, s := range []string{
+ resp.DHCPRelayServer1,
+ resp.DHCPRelayServer2,
+ resp.DHCPRelayServer3,
+ resp.DHCPRelayServer4,
+ resp.DHCPRelayServer5,
+ } {
+ if s == "" {
+ continue
+ }
+ dhcpRelay = append(dhcpRelay, s)
+ }
+ d.Set("dhcp_relay_servers", dhcpRelay)
+
+ return nil
+}
+
+func resourceSettingUsgRead(ctx context.Context, d *schema.ResourceData, meta interface{}) diag.Diagnostics {
+ c := meta.(*client)
+
+ site := d.Get("site").(string)
+ if site == "" {
+ site = c.site
+ }
+
+ resp, err := c.c.GetSettingUsg(ctx, site)
+ if _, ok := err.(*unifi.NotFoundError); ok {
+ d.SetId("")
+ return nil
+ }
+ if err != nil {
+ return diag.FromErr(err)
+ }
+
+ return resourceSettingUsgSetResourceData(resp, d, meta, site)
+}
diff --git a/internal/provider/resource_setting_usg_test.go b/internal/provider/resource_setting_usg_test.go
new file mode 100644
index 0000000..73298bc
--- /dev/null
+++ b/internal/provider/resource_setting_usg_test.go
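Review bot: In `resourceSettingUsgUpsert` the current settings are fetched with `c.c.GetSettingUsg(ctx, c.site)` while the update is sent to the resolved `site`, so for a resource with a non-default `site` the object written back is the fallback site's USG settings, ID and unmanaged fields included. The read should use the same variable as the write: `req, err := c.c.GetSettingUsg(ctx, site)`. Separately, `resourceSettingUsgUpdateResourceData` copies every attribute with `d.Get`, and for Optional+Computed attributes left out of the configuration that presumably yields the zero value on create, which would switch the three firewall default-log flags off and clear the relay servers instead of keeping the controller's values; this is worth confirming and, if so, only attributes present in the config should be assigned. The `d.Set` return values in `resourceSettingUsgSetResourceData` are dropped and should be turned into diagnostics.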
@@ -0,0 +1,95 @@
+package provider
+
+import (
+ "fmt"
+ "testing"
+
+ "github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+)
+
+func TestAccSettingUsg_mdns(t *testing.T) {
+ resource.ParallelTest(t, resource.TestCase{
+ ProviderFactories: providerFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSettingUsgConfig_mdns(true),
+ Check: resource.ComposeTestCheckFunc(),
+ },
+ importStep("unifi_setting_usg.test"),
+ {
+ Config: testAccSettingUsgConfig_mdns(false),
+ Check: resource.ComposeTestCheckFunc(),
+ },
+ importStep("unifi_setting_usg.test"),
+ {
+ Config: testAccSettingUsgConfig_mdns(true),
+ Check: resource.ComposeTestCheckFunc(),
+ },
+ importStep("unifi_setting_usg.test"),
+ },
+ })
+}
+
+func TestAccSettingUsg_dhcpRelay(t *testing.T) {
+ resource.ParallelTest(t, resource.TestCase{
+ ProviderFactories: providerFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSettingUsgConfig_dhcpRelay(),
+ Check: resource.ComposeTestCheckFunc(),
+ },
+ importStep("unifi_setting_usg.test"),
+ },
+ })
+}
+
+func TestAccSettingUsg_site(t *testing.T) {
+ resource.ParallelTest(t, resource.TestCase{
+ ProviderFactories: providerFactories,
+ Steps: []resource.TestStep{
+ {
+ Config: testAccSettingUsgConfig_site(),
+ Check: resource.ComposeTestCheckFunc(),
+ },
+ {
+ ResourceName: "unifi_setting_usg.test",
+ ImportState: true,
+ ImportStateIdFunc: siteAndIDImportStateIDFunc("unifi_setting_usg.test"),
+ ImportStateVerify: true,
+ },
+ },
+ })
+}
+
+func testAccSettingUsgConfig_mdns(mdns bool) string {
+ return fmt.Sprintf(`
+resource "unifi_setting_usg" "test" {
+ multicast_dns_enabled = %t
+}
+`, mdns)
+}
+
+func testAccSettingUsgConfig_dhcpRelay() string {
+ return `
+resource "unifi_setting_usg" "test" {
+ dhcp_relay_servers = [
+ "10.1.2.3",
+ "10.1.2.4",
+ ]
+}
+`
+}
+
+func testAccSettingUsgConfig_site() string {
+ return `
+resource "unifi_site" "test" {
+ description = "test"
+}
+
+resource "unifi_setting_usg" "test" {
+ site = unifi_site.test.name
+
+ multicast_dns_enabled = true
+}
+`
+}
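Review bot: Every step passes `resource.ComposeTestCheckFunc()` with no checks, so these tests only show that apply and import succeed, not that the value reached the controller; a per-step check such as `resource.TestCheckResourceAttr("unifi_setting_usg.test", "multicast_dns_enabled", "true")` would pin it. `TestAccSettingUsg_mdns` and `TestAccSettingUsg_dhcpRelay` also run under `resource.ParallelTest` with no `site` in their configs, so they presumably write the same site's settings object and can disturb each other's import verification. `TestAccSettingUsg_site` does not assert which site was changed, so a mix-up between the configured site and the provider default would pass unnoticed.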