Skip to content

jimi3/opnsense-update-notify

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

52 Commits
dist
dist
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
config.yml.example
config.yml.example
 
 
main.py
main.py
 
 
poetry.lock
poetry.lock
 
 
pyproject.toml
pyproject.toml
 
 
schema.yml
schema.yml
 
 

Repository files navigation

OPNsense Update Notify

An update notification script for OPNsense.

About

This is a script that makes an API connection to OPNsense and checks if there is any pending updates and if there are, it sends a message with details.

Based on the script by Bart J. Smit, 'ObecalpEffect' and Franco Fichtner, forked from https://github.com/bartsmit/opnsense-update-email.

Setup

It's recommended to create a user with access restricted to the API endpoints required to retrieve update information needed by the script. The steps to do this are as follows:

  1. Add a new group under System>Access>Groups. All that is required here is Group name.

  2. After creating the group, click on Edit for the newly created group. Under Assigned Privileges click Edit.

  3. Scroll down to or search for System: Firmware. Tick to add the priviledges to the group (click the i to view the endpoints).

  4. Add a new user under System>Access>Users.

    1. Provide a Username.

    2. Under Password tick Generate a scrambled password to prevent local database logins for this user..

    3. Then under Group Memberships click the previously created group and click Add groups (->).

  5. After creating the new user, click on Edit. Under API keys click Create API key (+). Your browser will prompt you to download or open a text file. This file will have the api_key and api_secret values used in the config (see the Config below).

Config

The configuration file config.yml has three main sections (see config.yml.example). The already filled in values in the example config are the defaults.

OPNsense

opnsense:
  host:
  self_signed: true
  api_key:
  api_secret:

host is either the ip address or hostname of the OPNsense web interface.

self_signed refers to whether the TLS certificate is self signed or not, it maybe be either true or false. Since OPNsense creates it's own self signed cert by default, the default for this value is true.

api_key and api_secret refers to the values provided in step 5 of the Setup section above.

Emitters

emitter: telegram

The emitter refers to one of the message services listed in the subsections below (only Telegram for now).

Telegram

telegram:
  token:
  chatid:

token is the token for the Telegram bot, which is provided by creating a bot by following the steps provided in the Telegram bot API documentation.

chatid is the unique identifier for the target chat. It can be obtained by messaging the bot and executing the following command (replace $BOT_TOKEN). The ID may be found at "chat": {"id": 12345678},:

curl https://api.telegram.org/bot$BOT_TOKEN/getUpdates | python -m json.tool

About

An update notification script for OPNsense.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%