• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

automate deployment

Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
3 Posts 2 Posters 535 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    camepp
    last edited by Aug 29, 2023, 4:09 PM

    I'm looking for a way to automate the install and config of our pfsense appliance(s).

    Has anyone had any experience using either the ECL with a custom config.xml, or using the PHP shell commands (with ansible or something like that), to get a zero-touch deployment working?
    Even better - has anyone done this in AWS? Or with Terraform?

    I found an old post with this question, but it didn't have any responses, so I'm making a new one.

    S 1 Reply Last reply Aug 29, 2023, 7:56 PM Reply Quote 0
    • S
      SteveITS Galactic Empire @camepp
      last edited by Aug 29, 2023, 7:56 PM

      @camepp I thought about just doing a restore once but a few defaults differ on different Netgate models, sometimes (power settings, etc.) Plus we tweak a few things from time to time. If it was more consistent hardware/VM it would probably be easier.

      If you do this be careful not to restore SSH/ACB keys.

      Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
      When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
      Upvote 👍 helpful posts!

      C 1 Reply Last reply Aug 30, 2023, 2:18 PM Reply Quote 0
      • C
        camepp @SteveITS
        last edited by Aug 30, 2023, 2:18 PM

        @SteveITS We are working with the AWS pfsense appliance, so we can be confident that the basic configuration will be stable (unless I add NICs or something like that).

        Our goal is to be able to deploy or restore the firewall without a human having to log in to load a backup file or look up a password or anything like that - just have the config.xml available and loaded automatically.

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received