Skip to content

Commit

Permalink
Merge pull request #627 from terraform-routeros/vaerh/issue621
Browse files Browse the repository at this point in the history
feat(wifi): Add new resource `routeros_wifi_security_multi_passphrase`
  • Loading branch information
vaerh authored Dec 30, 2024
2 parents 5878ad3 + 4ef710a commit 097fe07
Show file tree
Hide file tree
Showing 5 changed files with 104 additions and 12 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
#The ID can be found via API or the terminal
#The command for the terminal is -> :put [/wifi/security/multi/passphrase get [print show-ids]]
terraform import routeros_wifi_security_multi_passphrase.test *3
#Or you can import a resource using one of its attributes
terraform import routeros_wifi_security_multi_passphrase.test "comment=xxx"
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
resource "routeros_wifi_security_multi_passphrase" "test" {
group = "gr-123"
passphrase = data.vault_kv_secret_v2.wifi_security.data["test"]
}
25 changes: 13 additions & 12 deletions routeros/provider.go
Original file line number Diff line number Diff line change
Expand Up @@ -322,18 +322,19 @@ func Provider() *schema.Provider {
"routeros_user_manager_user_profile": ResourceUserManagerUserProfile(),

// WiFi
"routeros_wifi": ResourceWifi(),
"routeros_wifi_aaa": ResourceWifiAaa(),
"routeros_wifi_access_list": ResourceWifiAccessList(),
"routeros_wifi_cap": ResourceWifiCap(),
"routeros_wifi_capsman": ResourceWifiCapsman(),
"routeros_wifi_channel": ResourceWifiChannel(),
"routeros_wifi_configuration": ResourceWifiConfiguration(),
"routeros_wifi_datapath": ResourceWifiDatapath(),
"routeros_wifi_interworking": ResourceWifiInterworking(),
"routeros_wifi_provisioning": ResourceWifiProvisioning(),
"routeros_wifi_security": ResourceWifiSecurity(),
"routeros_wifi_steering": ResourceWifiSteering(),
"routeros_wifi": ResourceWifi(),
"routeros_wifi_aaa": ResourceWifiAaa(),
"routeros_wifi_access_list": ResourceWifiAccessList(),
"routeros_wifi_cap": ResourceWifiCap(),
"routeros_wifi_capsman": ResourceWifiCapsman(),
"routeros_wifi_channel": ResourceWifiChannel(),
"routeros_wifi_configuration": ResourceWifiConfiguration(),
"routeros_wifi_datapath": ResourceWifiDatapath(),
"routeros_wifi_interworking": ResourceWifiInterworking(),
"routeros_wifi_provisioning": ResourceWifiProvisioning(),
"routeros_wifi_security": ResourceWifiSecurity(),
"routeros_wifi_security_multi_passphrase": ResourceWifiSecurityMultiPassphrase(),
"routeros_wifi_steering": ResourceWifiSteering(),

// ZeroTier
"routeros_zerotier": ResourceZerotier(),
Expand Down
7 changes: 7 additions & 0 deletions routeros/resource_wifi_security.go
Original file line number Diff line number Diff line change
Expand Up @@ -198,6 +198,13 @@ func ResourceWifiSecurity() *schema.Resource {
Description: "An option to enable 802.11w management frame protection.",
ValidateFunc: validation.StringInSlice([]string{"allowed", "disabled", "required"}, false),
},
"multi_passphrase_group": {
Type: schema.TypeString,
Optional: true,
Description: "Name of `/interface/wifi/security/multi-passphrase/` group that will be used. Only a " +
"single group can be defined under the security profile.",
DiffSuppressFunc: AlwaysPresentNotUserProvided,
},
"owe_transition_interface": {
Type: schema.TypeString,
Optional: true,
Expand Down
75 changes: 75 additions & 0 deletions routeros/resource_wifi_security_multi_passphrase.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,75 @@
package routeros

import (
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
)

/*
{
".id": "*1",
"disabled": "false",
"expired": "false",
"group": "123",
"passphrase": "12345678"
}
*/

// https://help.mikrotik.com/docs/spaces/ROS/pages/224559120/WiFi#WiFi-Securitymulti-passphraseproperties
func ResourceWifiSecurityMultiPassphrase() *schema.Resource {
resSchema := map[string]*schema.Schema{
MetaResourcePath: PropResourcePath("/interface/wifi/security/multi-passphrase"),
MetaId: PropId(Id),

KeyComment: PropCommentRw,
KeyDisabled: PropDisabledRw,
"expires": {
Type: schema.TypeString,
Optional: true,
Description: "The expiration date and time for passphrase specified in this entry, doesn't affect the whole " +
"group. Once the date is reached, existing clients using this passphrase will be disconnected, and new " +
"clients will not be able to connect using it. If not set, passphrase can be used indefinetly.",
},
"group": {
Type: schema.TypeString,
Required: true,
Description: "Assigning the group to a security profile or an access list, will enable use of all passphrases " +
"defined under it.",
},
"isolation": {
Type: schema.TypeBool,
Optional: true,
Description: "Determines whether the client device using this passphrase is isolated from other clients " +
"on AP. Traffic from an isolated client will not be forwarded to other clients and unicast traffic from " +
"a non-isolated client will not be forwarded to an isolated one.",
},
"passphrase": {
Type: schema.TypeString,
Optional: true,
Sensitive: true,
Description: "The passphrase to use for PSK authentication types. Multiple users can use the same passphrase. " +
"Not compatible with WPA3-PSK.",
ValidateFunc: validation.StringLenBetween(8, 64),
},
"vlan_id": {
Type: schema.TypeString,
Optional: true,
Description: "Vlan-id that will be assigned to clients using this passphrase Only supported on wifi-qcom " +
"interfaces, if wifi-qcom-ac AP has a client that uses a passphrase that has vlan-id associated with " +
"it, the client will not be able to join.",
},
}

return &schema.Resource{
CreateContext: DefaultCreate(resSchema),
ReadContext: DefaultRead(resSchema),
UpdateContext: DefaultUpdate(resSchema),
DeleteContext: DefaultDelete(resSchema),

Importer: &schema.ResourceImporter{
StateContext: ImportStateCustomContext(resSchema),
},

Schema: resSchema,
}
}

0 comments on commit 097fe07

Please sign in to comment.