I ended up having 2 firewalls, and made an attempt at CARP on the WAN, but ended up deciding against it due to the complexity and confusion.
Right now I didn't see a need for a dual WAN connection.
Next/TODO Automations
- DNS Updates
- Route53 Auto Updates
- Cron Update Job every 15 minutes
- ACME Updates Automatically
- HAProxy Configuration
Below is a nice example of using API access with the OPNsense API (note the API keys have been rotated and the IPs have been updated :) )
```sh
# API key and secret (already rotated, see the note above)
KEY="5uOzmvBMiYCrYmXBYxuKo/qG9CwyuecD2DgRshSZt9htpPutdsvAdpioMysKSswTn1jsXBVCFJlBRWGx"
SECRET="wo3kqmqjPvcN4dkgyvzYuP1h81Fn1VwFx6VIHZqusHCmjp65jBo9slkIYFa6vMPD0VayFZMy8aDScSh0"
# Get the public IP (first IPv4 address on vtnet0)
curl -k -u "$KEY:$SECRET" 10.0.4.21:3000/api/diagnostics/interface/getInterfaceConfig | jq '.vtnet0.ipv4[0].ipaddr'
# Get interface names
curl -k -u "$KEY:$SECRET" 10.0.4.21:3000/api/diagnostics/interface/getInterfaceNames | jq
```
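An added example, not the author's script: a sketch of the 15-minute cron check from the TODO list, reading the WAN address from the same getInterfaceConfig endpoint. It keeps the key and secret in a curl config file instead of on the command line (where process listings and shell history expose them) and verifies the firewall's certificate with `--cacert` instead of `-k`. The https scheme, the environment variable names, the cache path and the function names are assumptions.

```sh
#!/bin/sh
# Added example, not the author's script. Assumed/hypothetical: https scheme,
# the environment variable names, the cache path and all function names.
OPNSENSE_URL="${OPNSENSE_URL:-https://10.0.4.21:3000}"  # host:port from the post
WAN_IF="${WAN_IF:-vtnet0}"                               # interface from the post

# Create a curl config file holding key:secret that only its owner can read.
# Assumes neither value contains a double quote or a backslash.
write_curl_config() {  # $1=path $2=key $3=secret
    ( umask 077 && printf 'user = "%s:%s"\n' "$2" "$3" > "$1" )
}

# --config keeps the credentials out of argv; --cacert verifies the firewall's
# certificate against a pinned CA instead of disabling verification with -k.
fetch_interface_config() {  # $1=curl config file $2=CA certificate file
    curl --silent --show-error --fail --config "$1" --cacert "$2" \
        "$OPNSENSE_URL/api/diagnostics/interface/getInterfaceConfig"
}

# First IPv4 address of $WAN_IF from the JSON on stdin (empty if missing).
extract_wan_ip() {
    jq -r --arg ifname "$WAN_IF" '.[$ifname].ipv4[0].ipaddr // empty'
}

# Reject anything that is not a dotted quad before it reaches a DNS update.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Succeed, and refresh the cache, only when the address differs from last run.
ip_changed() {  # $1=cache file $2=current address
    [ -f "$1" ] && [ "$(cat "$1")" = "$2" ] && return 1
    printf '%s\n' "$2" > "$1"
}

# Cron entry point; skipped unless OPNSENSE_API_CONF names the config file.
if [ -n "${OPNSENSE_API_CONF:-}" ]; then
    ip=$(fetch_interface_config "$OPNSENSE_API_CONF" "${OPNSENSE_CA:?CA file}" |
        extract_wan_ip)
    # Print the address only on change, for the DNS update step to consume.
    is_ipv4 "$ip" && ip_changed "${IP_CACHE:-/var/db/wan_ip.cache}" "$ip" &&
        printf '%s\n' "$ip"
fi
```

Run `write_curl_config` once by hand to create the config file, then point `OPNSENSE_API_CONF` and `OPNSENSE_CA` at the files in the cron environment.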