github/terraform-provider-unifi
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
b9284f7758544f495d244133d459ffd530c9e7ed
terraform-provider-unifi/docs/resources/setting_guest_access.md
Mateusz Filipowicz b9284f7758 docs: improve documentation for 1.0.0 release (#75) 
* docs: add examples and recreate TF documentation

* update readme

* add information about experimental support of firewall zones
2025-03-22 19:13:16 +01:00

377 lines
14 KiB
Markdown
Raw Blame History

---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "unifi_setting_guest_access Resource - terraform-provider-unifi"
subcategory: ""
description: |-
The unifi_setting_guest_access resource manages the guest access settings in the UniFi controller.
This resource allows you to configure all aspects of guest network access including authentication methods, portal customization, and payment options.
---
# unifi_setting_guest_access (Resource)
The `unifi_setting_guest_access` resource manages the guest access settings in the UniFi controller.
This resource allows you to configure all aspects of guest network access including authentication methods, portal customization, and payment options.
## Example Usage
```terraform
# Configure guest access settings for your UniFi network
# This example demonstrates a comprehensive guest portal setup with various authentication options
resource "unifi_portal_file" "logo" {
file_path = "logo.png"
}
resource "unifi_setting_guest_access" "guest_portal" {
# Basic configuration
auth = "hotspot" # Authentication type: none, hotspot, custom, or external
portal_enabled = true # Enable the guest portal
portal_use_hostname = true # Use hostname for the portal
portal_hostname = "guest.example.com" # Portal hostname
template_engine = "angular" # Portal template engine (angular or jsp)
# Expiration settings for guest access
expire = 1440 # Minutes until expiration
expire_number = 1 # Number of time units
expire_unit = 1440 # Time unit in minutes
# Enable external captive portal detection
ec_enabled = true
# Password protection for guest access
password = "guest-access-password"
# Google authentication
google {
client_id = "your-google-client-id"
client_secret = "your-google-client-secret"
domain = "example.com" # Optional: limit sign-ins to a specific domain
scope_email = true # Request email addresses during sign-in
}
# Payment option (PayPal)
payment_gateway = "paypal"
paypal {
username = "business@example.com"
password = "paypal-api-password"
signature = "paypal-api-signature"
use_sandbox = true # Set to false for production
}
# Redirecting guests after authentication
redirect {
url = "https://example.com/welcome"
use_https = true
to_https = true
}
# Restricted DNS for guests
restricted_dns_servers = [
"1.1.1.1",
"8.8.8.8"
]
# Portal customization options
portal_customization {
customized = true
# Portal appearance
title = "Welcome to Our Guest Network"
welcome_text = "Thanks for visiting our location. Please enjoy our complimentary WiFi."
welcome_text_enabled = true
welcome_text_position = "top"
# Color scheme
bg_color = "#f5f5f5"
text_color = "#333333"
link_color = "#0078d4"
# Authentication dialog box
box_color = "#ffffff"
box_text_color = "#333333"
box_link_color = "#0078d4"
box_opacity = 90
box_radius = 5
# Logo
logo_file_id = unifi_portal_file.logo.id
# Button styling
button_color = "#0078d4"
button_text_color = "#ffffff"
button_text = "Connect"
# Legal information / Terms of Service
tos_enabled = true
tos = "By using this service, you agree to our terms and conditions. Unauthorized use is prohibited."
# Languages supported
languages = ["PL"]
}
}
```
<!-- schema generated by tfplugindocs -->
## Schema
### Optional
- `allowed_subnet` (String) Subnet allowed for guest access.
- `auth` (String) Authentication method for guest access. Valid values are:
* `none` - No authentication required
* `hotspot` - Password authentication
* `facebook_wifi` - Facebook auth entication
* `custom` - Custom authentication
For password authentication, set `auth` to `hotspot` and `password_enabled` to `true`.
For voucher authentication, set `auth` to `hotspot` and `voucher_enabled` to `true`.
For payment authentication, set `auth` to `hotspot` and `payment_enabled` to `true`.
- `auth_url` (String) URL for authentication. Must be a valid URL including the protocol.
- `authorize` (Attributes) Authorize.net payment settings. (see [below for nested schema](#nestedatt--authorize))
- `custom_ip` (String) Custom IP address. Must be a valid IPv4 address (e.g., `192.168.1.1`).
- `ec_enabled` (Boolean) Enable enterprise controller functionality.
- `expire` (Number) Expiration time for guest access.
- `expire_number` (Number) Number value for the expiration time.
- `expire_unit` (Number) Unit for the expiration time. Valid values are:
* `1` - Minute
* `60` - Hour
* `1440` - Day
* `10080` - Week
- `facebook` (Attributes) Facebook authentication settings. (see [below for nested schema](#nestedatt--facebook))
- `facebook_wifi` (Attributes) Facebook WiFi authentication settings. (see [below for nested schema](#nestedatt--facebook_wifi))
- `google` (Attributes) Google authentication settings. (see [below for nested schema](#nestedatt--google))
- `ippay` (Attributes) IPpay Payments settings. (see [below for nested schema](#nestedatt--ippay))
- `merchant_warrior` (Attributes) MerchantWarrior payment settings. (see [below for nested schema](#nestedatt--merchant_warrior))
- `password` (String, Sensitive) Password for guest access.
- `payment_gateway` (String) Payment gateway. Valid values are:
* `paypal` - PayPal
* `stripe` - Stripe
* `authorize` - Authorize.net
* `quickpay` - QuickPay
* `merchantwarrior` - Merchant Warrior
* `ippay` - IP Payments
- `paypal` (Attributes) PayPal payment settings. (see [below for nested schema](#nestedatt--paypal))
- `portal_customization` (Attributes) Portal customization settings. (see [below for nested schema](#nestedatt--portal_customization))
- `portal_enabled` (Boolean) Enable the guest portal.
- `portal_hostname` (String) Hostname to use for the captive portal.
- `portal_use_hostname` (Boolean) Use a custom hostname for the portal.
- `quickpay` (Attributes) QuickPay payment settings. (see [below for nested schema](#nestedatt--quickpay))
- `radius` (Attributes) RADIUS authentication settings. (see [below for nested schema](#nestedatt--radius))
- `redirect` (Attributes) Redirect after authentication settings. (see [below for nested schema](#nestedatt--redirect))
- `restricted_dns_servers` (List of String) List of restricted DNS servers for guest networks. Each value must be a valid IPv4 address.
- `restricted_subnet` (String) Subnet for restricted guest access.
- `site` (String) The name of the UniFi site where this resource should be applied. If not specified, the default site will be used.
- `stripe` (Attributes) Stripe payment settings. (see [below for nested schema](#nestedatt--stripe))
- `template_engine` (String) Template engine for the portal. Valid values are: `jsp`, `angular`.
- `voucher_customized` (Boolean) Whether vouchers are customized.
- `voucher_enabled` (Boolean) Enable voucher-based authentication for guest access.
- `wechat` (Attributes) WeChat authentication settings. (see [below for nested schema](#nestedatt--wechat))
### Read-Only
- `facebook_enabled` (Boolean) Whether Facebook authentication for guest access is enabled.
- `google_enabled` (Boolean) Whether Google authentication for guest access is enabled.
- `id` (String) The unique identifier of this resource.
- `password_enabled` (Boolean) Enable password authentication for guest access.
- `payment_enabled` (Boolean) Enable payment for guest access.
- `radius_enabled` (Boolean) Whether RADIUS authentication for guest access is enabled.
- `redirect_enabled` (Boolean) Whether redirect after authentication is enabled.
- `restricted_dns_enabled` (Boolean) Whether restricted DNS servers for guest networks are enabled.
- `wechat_enabled` (Boolean) Whether WeChat authentication for guest access is enabled.
<a id="nestedatt--authorize"></a>
### Nested Schema for `authorize`
Required:
- `login_id` (String) Authorize.net login ID for authentication.
- `transaction_key` (String) Authorize.net transaction key for authentication.
Optional:
- `use_sandbox` (Boolean) Use sandbox mode for Authorize.net payments.
<a id="nestedatt--facebook"></a>
### Nested Schema for `facebook`
Required:
- `app_id` (String) Facebook application ID for authentication.
- `app_secret` (String, Sensitive) Facebook application secret for authentication.
Optional:
- `scope_email` (Boolean) Request email scope for Facebook authentication.
<a id="nestedatt--facebook_wifi"></a>
### Nested Schema for `facebook_wifi`
Required:
- `gateway_id` (String) Facebook WiFi gateway ID.
- `gateway_name` (String) Facebook WiFi gateway name.
- `gateway_secret` (String, Sensitive) Facebook WiFi gateway secret.
Optional:
- `block_https` (Boolean) Mode HTTPS for Facebook WiFi.
<a id="nestedatt--google"></a>
### Nested Schema for `google`
Required:
- `client_id` (String) Google client ID for authentication.
- `client_secret` (String) Google client secret for authentication.
Optional:
- `domain` (String) Restrict Google authentication to specific domain.
- `scope_email` (Boolean) Request email scope for Google authentication.
<a id="nestedatt--ippay"></a>
### Nested Schema for `ippay`
Required:
- `terminal_id` (String, Sensitive) Terminal ID for IP Payments.
Optional:
- `use_sandbox` (Boolean) Whether to use sandbox mode for IPPay payments.
<a id="nestedatt--merchant_warrior"></a>
### Nested Schema for `merchant_warrior`
Required:
- `api_key` (String, Sensitive) MerchantWarrior API key.
- `api_passphrase` (String, Sensitive) MerchantWarrior API passphrase.
- `merchant_uuid` (String, Sensitive) MerchantWarrior merchant UUID.
Optional:
- `use_sandbox` (Boolean) Whether to use sandbox mode for MerchantWarrior payments.
<a id="nestedatt--paypal"></a>
### Nested Schema for `paypal`
Required:
- `password` (String, Sensitive) PayPal password.
- `signature` (String, Sensitive) PayPal signature.
- `username` (String, Sensitive) PayPal username. Must be a valid email address.
Optional:
- `use_sandbox` (Boolean) Whether to use sandbox mode for PayPal payments.
<a id="nestedatt--portal_customization"></a>
### Nested Schema for `portal_customization`
Optional:
- `authentication_text` (String) Custom authentication text for the portal.
- `bg_color` (String) Background color for the custom portal. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `bg_image_file_id` (String) ID of the background image portal file. File must exist in controller, use `unifi_portal_file` to manage it.
- `bg_image_tile` (Boolean) Tile the background image.
- `bg_type` (String) Type of portal background. Valid values are:
* `color` - Solid color background
* `image` - (not yet supported!) Custom image background
* `gallery` - Image from Unsplash gallery
- `box_color` (String) Color of the login box in the portal. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `box_link_color` (String) Color of links in the login box. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `box_opacity` (Number) Opacity of the login box (0-100).
- `box_radius` (Number) Border radius of the login box in pixels.
- `box_text_color` (String) Text color in the login box. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `button_color` (String) Button color in the portal. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `button_text` (String) Custom text for the login button.
- `button_text_color` (String) Button text color. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `customized` (Boolean) Whether the portal is customized.
- `languages` (List of String) List of enabled languages for the portal.
- `link_color` (String) Color for links in the portal. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `logo_file_id` (String) ID of the logo image portal file. File must exist in controller, use `unifi_portal_file` to manage it.
- `logo_position` (String) Position of the logo in the portal. Valid values are: left, center, right.
- `logo_size` (Number) Size of the logo in pixels.
- `success_text` (String) Text displayed after successful authentication.
- `text_color` (String) Main text color for the portal. Must be a valid hex color code (e.g., #FFF or #FFFFFF).
- `title` (String) Title of the portal page.
- `tos` (String) Terms of service text.
- `tos_enabled` (Boolean) Enable terms of service acceptance requirement.
- `unsplash_author_name` (String) Name of the Unsplash author for gallery background.
- `unsplash_author_username` (String) Username of the Unsplash author for gallery background.
- `welcome_text` (String) Welcome text displayed on the portal.
- `welcome_text_enabled` (Boolean) Enable welcome text display.
- `welcome_text_position` (String) Position of the welcome text. Valid values are: `under_logo`, `above_boxes`.
<a id="nestedatt--quickpay"></a>
### Nested Schema for `quickpay`
Required:
- `agreement_id` (String, Sensitive) QuickPay agreement ID.
- `api_key` (String, Sensitive) QuickPay API key.
- `merchant_id` (String, Sensitive) QuickPay merchant ID.
Optional:
- `use_sandbox` (Boolean) Enable sandbox mode for QuickPay payments.
<a id="nestedatt--radius"></a>
### Nested Schema for `radius`
Required:
- `auth_type` (String) RADIUS authentication type. Valid values are: `chap`, `mschapv2`.
- `profile_id` (String) ID of the RADIUS profile to use.
Optional:
- `disconnect_enabled` (Boolean) Enable RADIUS disconnect messages.
- `disconnect_port` (Number) Port for RADIUS disconnect messages.
<a id="nestedatt--redirect"></a>
### Nested Schema for `redirect`
Required:
- `url` (String) URL to redirect to after authentication. Must be a valid URL.
Optional:
- `to_https` (Boolean) Redirect HTTP requests to HTTPS.
- `use_https` (Boolean) Use HTTPS for the redirect URL.
<a id="nestedatt--stripe"></a>
### Nested Schema for `stripe`
Required:
- `api_key` (String, Sensitive) Stripe API key.
<a id="nestedatt--wechat"></a>
### Nested Schema for `wechat`
Required:
- `app_id` (String) WeChat App ID for social authentication.
- `app_secret` (String, Sensitive) WeChat App secret.
- `secret_key` (String, Sensitive) WeChat secret key.
Optional:
- `shop_id` (String) WeChat Shop ID for payments.
Reference in New Issue View Git Blame Copy Permalink