ops-opnsenselisted

# OPNsense Configuration (Terraform) Complete guide to configure OPNsense declaratively with Terraform and the `browningluke/opnsense` provider. ## When to use this Skill **Activate this skill to:** - Configure OPNsense network interfaces (WAN, LAN, VLANs) - Manage firewall rules - Configure NAT and port forwarding - Manage DHCP and DNS services - Create aliases to simplify rules **Do not use for:** - Initial OPNsense installation (see manual documentation) - VM provisioning (use `/ops:ops-proxmox`) - Advanced OPNsense plugins (HAProxy, Suricata) ## Terraform Provider | Attribute | Value | |-----------|-------| | **Provider** | `browningluke/opnsense` | | **Version** | >= 0.11 | | **Documentation** | https://registry.terraform.io/providers/browningluke/opnsense/latest/docs | | **GitHub** | https://github.com/browningluke/terraform-provider-opnsense | ### Provider Configuration ```hcl terraform { required_providers { opnsense = { source = "browningluke/opnsense" version = "~> 0.11" } } } provider "opnsense" { uri = var.opnsense_uri # https://192.168.10.1 api_key = var.opnsense_api_key # Sensitive api_secret = var.opnsense_api_secret # Sensitive allow_insecure = true # false in production } ``` ## Configuration Patterns ### 1. Network Interfaces ```hcl # WAN interface (DHCP from ISP box) resource "opnsense_interface" "wan" { device = "vtnet0" description =