Add missing IPv6 properties (#261)

* Add missing WAN IPv6 properties to network resource * Rename 'ipv6_static_subnet' to 'ipv6_subnet' According to the go-unifi lib, the name was incorrect * Improve description and validation of IPv6 properties * Add missing IPv6 props to network * Add IPv6 support to firewall rules * Adjust naming * ensure unique vlan * Add vlan ID validation * fix assertion * Update docs * rename attribute * cleanup imports * test protocol_v6 * test dhcp_v6_lease * spelling * switch protocol back Co-authored-by: Paul Tyng <[email protected]>
paultyng · Oct 22, 2022 · 71bac96 · 71bac96
1 parent 99287ae
commit 71bac96
Show file tree

Hide file tree

Showing 22 changed files with 547 additions and 69 deletions.
diff --git a/docs/data-sources/network.md b/docs/data-sources/network.md
@@ -43,27 +43,43 @@ data "unifi_network" "my_network" {
 - `dhcp_lease` (Number) lease time for DHCP addresses.
 - `dhcp_start` (String) The IPv4 address where the DHCP range of addresses starts.
 - `dhcp_stop` (String) The IPv4 address where the DHCP range of addresses stops.
+- `dhcp_v6_dns` (List of String) Specifies the IPv6 addresses for the DNS server to be returned from the DHCP server. Used if `dhcp_v6_dns_auto` is set to `false`.
+- `dhcp_v6_dns_auto` (Boolean) Specifies DNS source to propagate. If set `false` the entries in `dhcp_v6_dns` are used, the upstream entries otherwise
+- `dhcp_v6_enabled` (Boolean) Enable stateful DHCPv6 for static configuration.
+- `dhcp_v6_lease` (Number) Specifies the lease time for DHCPv6 addresses.
+- `dhcp_v6_start` (String) Start address of the DHCPv6 range. Used in static DHCPv6 configuration.
+- `dhcp_v6_stop` (String) End address of the DHCPv6 range. Used in static DHCPv6 configuration.
 - `dhcpd_boot_enabled` (Boolean) Toggles on the DHCP boot options. will be set to true if you have dhcpd_boot_filename, and dhcpd_boot_server set.
 - `dhcpd_boot_filename` (String) the file to PXE boot from on the dhcpd_boot_server.
 - `dhcpd_boot_server` (String) IPv4 address of a TFTP server to network boot from.
 - `domain_name` (String) The domain name of this network.
 - `igmp_snooping` (Boolean) Specifies whether IGMP snooping is enabled or not.
-- `ipv6_interface_type` (String) Specifies which type of IPv6 connection to use.
-- `ipv6_pd_interface` (String) Specifies which WAN interface is used for IPv6 Prefix Delegation.
+- `ipv6_interface_type` (String) Specifies which type of IPv6 connection to use. Must be one of either `static`, `pd`, or `none`.
+- `ipv6_pd_interface` (String) Specifies which WAN interface to use for IPv6 PD. Must be one of either `wan` or `wan2`.
 - `ipv6_pd_prefixid` (String) Specifies the IPv6 Prefix ID.
+- `ipv6_pd_start` (String) Start address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.
+- `ipv6_pd_stop` (String) End address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.
 - `ipv6_ra_enable` (Boolean) Specifies whether to enable router advertisements or not.
+- `ipv6_ra_preferred_lifetime` (Number) Lifetime in which the address can be used. Address becomes deprecated afterwards. Must be lower than or equal to `ipv6_ra_valid_lifetime`
+- `ipv6_ra_priority` (String) IPv6 router advertisement priority. Must be one of either `high`, `medium`, or `low`
+- `ipv6_ra_valid_lifetime` (Number) Total lifetime in which the address can be used. Must be equal to or greater than `ipv6_ra_preferred_lifetime`.
 - `ipv6_static_subnet` (String) Specifies the static IPv6 subnet (when ipv6_interface_type is 'static').
 - `network_group` (String) The group of the network.
 - `purpose` (String) The purpose of the network. One of `corporate`, `guest`, `wan`, or `vlan-only`.
 - `subnet` (String) The subnet of the network (CIDR address).
 - `vlan_id` (Number) The VLAN ID of the network.
+- `wan_dhcp_v6_pd_size` (Number) Specifies the IPv6 prefix size to request from ISP. Must be a number between 48 and 64.
 - `wan_dns` (List of String) DNS servers IPs of the WAN.
 - `wan_egress_qos` (Number) Specifies the WAN egress quality of service.
 - `wan_gateway` (String) The IPv4 gateway of the WAN.
+- `wan_gateway_v6` (String) The IPv6 gateway of the WAN.
 - `wan_ip` (String) The IPv4 address of the WAN.
+- `wan_ipv6` (String) The IPv6 address of the WAN.
 - `wan_netmask` (String) The IPv4 netmask of the WAN.
 - `wan_networkgroup` (String) Specifies the WAN network group. One of either `WAN`, `WAN2` or `WAN_LTE_FAILOVER`.
+- `wan_prefixlen` (Number) The IPv6 prefix length of the WAN. Must be between 1 and 128.
 - `wan_type` (String) Specifies the IPV4 WAN connection type. One of either `disabled`, `static`, `dhcp`, or `pppoe`.
+- `wan_type_v6` (String) Specifies the IPV6 WAN connection type. Must be one of either `disabled`, `static`, or `dhcpv6`.
 - `wan_username` (String) Specifies the IPV4 WAN username.
 - `x_wan_password` (String) Specifies the IPV4 WAN password.
 

diff --git a/docs/resources/firewall_rule.md b/docs/resources/firewall_rule.md
@@ -37,22 +37,26 @@ resource "unifi_firewall_rule" "drop_all" {
 
 - `action` (String) The action of the firewall rule. Must be one of `drop`, `accept`, or `reject`.
 - `name` (String) The name of the firewall rule.
-- `protocol` (String) The protocol of the rule.
 - `rule_index` (Number) The index of the rule. Must be >= 2000 < 3000 or >= 4000 < 5000.
 - `ruleset` (String) The ruleset for the rule. This is from the perspective of the security gateway. Must be one of `WAN_IN`, `WAN_OUT`, `WAN_LOCAL`, `LAN_IN`, `LAN_OUT`, `LAN_LOCAL`, `GUEST_IN`, `GUEST_OUT`, `GUEST_LOCAL`, `WANv6_IN`, `WANv6_OUT`, `WANv6_LOCAL`, `LANv6_IN`, `LANv6_OUT`, `LANv6_LOCAL`, `GUESTv6_IN`, `GUESTv6_OUT`, or `GUESTv6_LOCAL`.
 
 ### Optional
 
 - `dst_address` (String) The destination address of the firewall rule.
+- `dst_address_ipv6` (String) The IPv6 destination address of the firewall rule.
 - `dst_firewall_group_ids` (Set of String) The destination firewall group IDs of the firewall rule.
 - `dst_network_id` (String) The destination network ID of the firewall rule.
 - `dst_network_type` (String) The destination network type of the firewall rule. Can be one of `ADDRv4` or `NETv4`. Defaults to `NETv4`.
 - `dst_port` (String) The destination port of the firewall rule.
 - `icmp_typename` (String) ICMP type name.
+- `icmp_v6_typename` (String) ICMPv6 type name.
 - `ip_sec` (String) Specify whether the rule matches on IPsec packets. Can be one of `match-ipset` or `match-none`.
 - `logging` (Boolean) Enable logging for the firewall rule.
+- `protocol` (String) The protocol of the rule.
+- `protocol_v6` (String) The IPv6 protocol of the rule.
 - `site` (String) The name of the site to associate the firewall rule with.
 - `src_address` (String) The source address for the firewall rule.
+- `src_address_ipv6` (String) The IPv6 source address for the firewall rule.
 - `src_firewall_group_ids` (Set of String) The source firewall group IDs for the firewall rule.
 - `src_mac` (String) The source MAC address of the firewall rule.
 - `src_network_id` (String) The source network ID for the firewall rule.

diff --git a/docs/resources/network.md b/docs/resources/network.md
@@ -57,29 +57,45 @@ resource "unifi_network" "wan" {
 - `dhcp_relay_enabled` (Boolean) Specifies whether DHCP relay is enabled or not on this network.
 - `dhcp_start` (String) The IPv4 address where the DHCP range of addresses starts.
 - `dhcp_stop` (String) The IPv4 address where the DHCP range of addresses stops.
+- `dhcp_v6_dns` (List of String) Specifies the IPv6 addresses for the DNS server to be returned from the DHCP server. Used if `dhcp_v6_dns_auto` is set to `false`.
+- `dhcp_v6_dns_auto` (Boolean) Specifies DNS source to propagate. If set `false` the entries in `dhcp_v6_dns` are used, the upstream entries otherwise Defaults to `true`.
+- `dhcp_v6_enabled` (Boolean) Enable stateful DHCPv6 for static configuration.
+- `dhcp_v6_lease` (Number) Specifies the lease time for DHCPv6 addresses. Defaults to `86400`.
+- `dhcp_v6_start` (String) Start address of the DHCPv6 range. Used in static DHCPv6 configuration.
+- `dhcp_v6_stop` (String) End address of the DHCPv6 range. Used in static DHCPv6 configuration.
 - `dhcpd_boot_enabled` (Boolean) Toggles on the DHCP boot options. Should be set to true when you want to have dhcpd_boot_filename, and dhcpd_boot_server to take effect.
 - `dhcpd_boot_filename` (String) Specifies the file to PXE boot from on the dhcpd_boot_server.
 - `dhcpd_boot_server` (String) Specifies the IPv4 address of a TFTP server to network boot from.
 - `domain_name` (String) The domain name of this network.
 - `igmp_snooping` (Boolean) Specifies whether IGMP snooping is enabled or not.
 - `internet_access_enabled` (Boolean) Specifies whether this network should be allowed to access the internet or not. Defaults to `true`.
 - `intra_network_access_enabled` (Boolean) Specifies whether this network should be allowed to access other local networks or not. Defaults to `true`.
-- `ipv6_interface_type` (String) Specifies which type of IPv6 connection to use. Defaults to `none`.
-- `ipv6_pd_interface` (String) Specifies which WAN interface to use for IPv6 PD.
+- `ipv6_interface_type` (String) Specifies which type of IPv6 connection to use. Must be one of either `static`, `pd`, or `none`. Defaults to `none`.
+- `ipv6_pd_interface` (String) Specifies which WAN interface to use for IPv6 PD. Must be one of either `wan` or `wan2`.
 - `ipv6_pd_prefixid` (String) Specifies the IPv6 Prefix ID.
+- `ipv6_pd_start` (String) Start address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.
+- `ipv6_pd_stop` (String) End address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.
 - `ipv6_ra_enable` (Boolean) Specifies whether to enable router advertisements or not.
-- `ipv6_static_subnet` (String) Specifies the static IPv6 subnet when ipv6_interface_type is 'static'.
+- `ipv6_ra_preferred_lifetime` (Number) Lifetime in which the address can be used. Address becomes deprecated afterwards. Must be lower than or equal to `ipv6_ra_valid_lifetime` Defaults to `14400`.
+- `ipv6_ra_priority` (String) IPv6 router advertisement priority. Must be one of either `high`, `medium`, or `low`
+- `ipv6_ra_valid_lifetime` (Number) Total lifetime in which the adress can be used. Must be equal to or greater than `ipv6_ra_preferred_lifetime`. Defaults to `86400`.
+- `ipv6_static_subnet` (String) Specifies the static IPv6 subnet when `ipv6_interface_type` is 'static'.
 - `network_group` (String) The group of the network. Defaults to `LAN`.
 - `site` (String) The name of the site to associate the network with.
 - `subnet` (String) The subnet of the network. Must be a valid CIDR address.
 - `vlan_id` (Number) The VLAN ID of the network.
+- `wan_dhcp_v6_pd_size` (Number) Specifies the IPv6 prefix size to request from ISP. Must be between 48 and 64.
 - `wan_dns` (List of String) DNS servers IPs of the WAN.
 - `wan_egress_qos` (Number) Specifies the WAN egress quality of service. Defaults to `0`.
 - `wan_gateway` (String) The IPv4 gateway of the WAN.
+- `wan_gateway_v6` (String) The IPv6 gateway of the WAN.
 - `wan_ip` (String) The IPv4 address of the WAN.
+- `wan_ipv6` (String) The IPv6 address of the WAN.
 - `wan_netmask` (String) The IPv4 netmask of the WAN.
 - `wan_networkgroup` (String) Specifies the WAN network group. Must be one of either `WAN`, `WAN2` or `WAN_LTE_FAILOVER`.
+- `wan_prefixlen` (Number) The IPv6 prefix length of the WAN. Must be between 1 and 128.
 - `wan_type` (String) Specifies the IPV4 WAN connection type. Must be one of either `disabled`, `static`, `dhcp`, or `pppoe`.
+- `wan_type_v6` (String) Specifies the IPV6 WAN connection type. Must be one of either `disabled`, `static`, or `dhcpv6`.
 - `wan_username` (String) Specifies the IPV4 WAN username.
 - `x_wan_password` (String) Specifies the IPV4 WAN password.
 

diff --git a/internal/provider/data_network.go b/internal/provider/data_network.go
@@ -102,6 +102,40 @@ func dataNetwork() *schema.Resource {
 				Type:        schema.TypeString,
 				Computed:    true,
 			},
+			"dhcp_v6_dns": {
+				Description: "Specifies the IPv6 addresses for the DNS server to be returned from the DHCP " +
+					"server. Used if `dhcp_v6_dns_auto` is set to `false`.",
+				Type:     schema.TypeList,
+				Computed: true,
+				Elem: &schema.Schema{
+					Type: schema.TypeString,
+				},
+			},
+			"dhcp_v6_dns_auto": {
+				Description: "Specifies DNS source to propagate. If set `false` the entries in `dhcp_v6_dns` are used, the upstream entries otherwise",
+				Type:        schema.TypeBool,
+				Computed:    true,
+			},
+			"dhcp_v6_enabled": {
+				Description: "Enable stateful DHCPv6 for static configuration.",
+				Type:        schema.TypeBool,
+				Computed:    true,
+			},
+			"dhcp_v6_lease": {
+				Description: "Specifies the lease time for DHCPv6 addresses.",
+				Type:        schema.TypeInt,
+				Computed:    true,
+			},
+			"dhcp_v6_start": {
+				Description: "Start address of the DHCPv6 range. Used in static DHCPv6 configuration.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"dhcp_v6_stop": {
+				Description: "End address of the DHCPv6 range. Used in static DHCPv6 configuration.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
 			"domain_name": {
 				Description: "The domain name of this network.",
 				Type:        schema.TypeString,
@@ -113,7 +147,7 @@ func dataNetwork() *schema.Resource {
 				Computed:    true,
 			},
 			"ipv6_interface_type": {
-				Description: "Specifies which type of IPv6 connection to use.",
+				Description: "Specifies which type of IPv6 connection to use. Must be one of either `static`, `pd`, or `none`.",
 				Type:        schema.TypeString,
 				Computed:    true,
 			},
@@ -123,7 +157,7 @@ func dataNetwork() *schema.Resource {
 				Computed:    true,
 			},
 			"ipv6_pd_interface": {
-				Description: "Specifies which WAN interface is used for IPv6 Prefix Delegation.",
+				Description: "Specifies which WAN interface to use for IPv6 PD. Must be one of either `wan` or `wan2`.",
 				Type:        schema.TypeString,
 				Computed:    true,
 			},
@@ -132,11 +166,36 @@ func dataNetwork() *schema.Resource {
 				Type:        schema.TypeString,
 				Computed:    true,
 			},
+			"ipv6_pd_start": {
+				Description: "Start address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"ipv6_pd_stop": {
+				Description: "End address of the DHCPv6 range. Used if `ipv6_interface_type` is set to `pd`.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
 			"ipv6_ra_enable": {
 				Description: "Specifies whether to enable router advertisements or not.",
 				Type:        schema.TypeBool,
 				Computed:    true,
 			},
+			"ipv6_ra_preferred_lifetime": {
+				Description: "Lifetime in which the address can be used. Address becomes deprecated afterwards. Must be lower than or equal to `ipv6_ra_valid_lifetime`",
+				Type:        schema.TypeInt,
+				Computed:    true,
+			},
+			"ipv6_ra_priority": {
+				Description: "IPv6 router advertisement priority. Must be one of either `high`, `medium`, or `low`",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"ipv6_ra_valid_lifetime": {
+				Description: "Total lifetime in which the address can be used. Must be equal to or greater than `ipv6_ra_preferred_lifetime`.",
+				Type:        schema.TypeInt,
+				Computed:    true,
+			},
 			"wan_ip": {
 				Description: "The IPv4 address of the WAN.",
 				Type:        schema.TypeString,
@@ -185,6 +244,31 @@ func dataNetwork() *schema.Resource {
 				Type:        schema.TypeString,
 				Computed:    true,
 			},
+			"wan_type_v6": {
+				Description: "Specifies the IPV6 WAN connection type. Must be one of either `disabled`, `static`, or `dhcpv6`.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"wan_dhcp_v6_pd_size": {
+				Description: "Specifies the IPv6 prefix size to request from ISP. Must be a number between 48 and 64.",
+				Type:        schema.TypeInt,
+				Computed:    true,
+			},
+			"wan_ipv6": {
+				Description: "The IPv6 address of the WAN.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"wan_gateway_v6": {
+				Description: "The IPv6 gateway of the WAN.",
+				Type:        schema.TypeString,
+				Computed:    true,
+			},
+			"wan_prefixlen": {
+				Description: "The IPv6 prefix length of the WAN. Must be between 1 and 128.",
+				Type:        schema.TypeInt,
+				Computed:    true,
+			},
 		},
 	}
 }
@@ -264,6 +348,11 @@ func dataNetworkRead(ctx context.Context, d *schema.ResourceData, meta interface
 			d.Set("wan_egress_qos", n.WANEgressQOS)
 			d.Set("wan_username", n.WANUsername)
 			d.Set("x_wan_password", n.XWANPassword)
+			d.Set("wan_type_v6", n.WANTypeV6)
+			d.Set("wan_dhcp_v6_pd_size", n.WANDHCPv6PDSize)
+			d.Set("wan_ipv6", n.WANIPV6)
+			d.Set("wan_gateway_v6", n.WANGatewayV6)
+			d.Set("wan_prefixlen", n.WANPrefixlen)
 
 			return nil
 		}

diff --git a/internal/provider/data_port_profile.go b/internal/provider/data_port_profile.go
@@ -2,8 +2,8 @@ package provider
 
 import (
 	"context"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 

diff --git a/internal/provider/data_radius_profile.go b/internal/provider/data_radius_profile.go
@@ -2,8 +2,8 @@ package provider
 
 import (
 	"context"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 

diff --git a/internal/provider/data_user_group.go b/internal/provider/data_user_group.go
@@ -2,8 +2,8 @@ package provider
 
 import (
 	"context"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 )
 

diff --git a/internal/provider/data_user_test.go b/internal/provider/data_user_test.go
@@ -3,10 +3,10 @@ package provider
 import (
 	"context"
 	"fmt"
-	"github.com/paultyng/go-unifi/unifi"
 	"testing"
 
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/resource"
+	"github.com/paultyng/go-unifi/unifi"
 )
 
 func TestAccDataUser_default(t *testing.T) {

diff --git a/internal/provider/resource_dynamic_dns.go b/internal/provider/resource_dynamic_dns.go
@@ -2,8 +2,8 @@ package provider
 
 import (
 	"context"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/paultyng/go-unifi/unifi"
 )

diff --git a/internal/provider/resource_firewall_group.go b/internal/provider/resource_firewall_group.go
@@ -3,8 +3,8 @@ package provider
 import (
 	"context"
 	"errors"
-	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 
+	"github.com/hashicorp/terraform-plugin-sdk/v2/diag"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
 	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
 	"github.com/paultyng/go-unifi/unifi"