Added pfsense upgrade roles

2026-04-27 13:15:56 -07:00
parent 1e26dd304b
commit 03e889051e
35 changed files with 956 additions and 8 deletions
--- a/roles/pfsense_upgrade/defaults/main.yml
+++ b/roles/pfsense_upgrade/defaults/main.yml
@@ -0,0 +1,29 @@
+---
+# roles/pfsense_upgrade/defaults/main.yml
+# Override any of these in group_vars, host_vars, or at the CLI with -e
+
+# --- Safety gates ---
+perform_upgrade: false          # Must explicitly set to true to apply upgrades
+allow_major_upgrade: false      # Set true to permit branch-crossing upgrades (e.g. 2.7 → 2.8)
+skip_backup_check: false        # Set true to skip the pre-upgrade config backup step
+
+# --- Upgrade behavior ---
+auto_reboot: true               # Reboot automatically after upgrade if required
+reboot_timeout: 300             # Seconds to wait for host to come back after reboot
+upgrade_check_timeout: 120      # Timeout for pfSense-upgrade version check
+pkg_repo_update: true           # Run pkg update before checking for upgrades
+
+# --- Notification ---
+# Optional: set to a Slack/Teams webhook URL to post upgrade results
+notify_webhook_url: ""
+
+# --- pfSense paths ---
+pfsense_version_file: /etc/version
+pfsense_version_patch_file: /etc/version.patch
+pfsense_version_buildtime: /etc/version.buildtime
+pfsense_upgrade_bin: /usr/local/sbin/pfSense-upgrade
+pfsense_config_backup_path: /cf/conf/backup
+
+# --- Release tracking ---
+# Netgate publishes release notes/versions at this URL (CE edition)
+pfsense_release_url: "https://raw.githubusercontent.com/pfsense/pfsense/master/src/etc/version"