jessikitty/opnsense-device-control
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Home Assistant configuration for device control

Browse Source
This commit is contained in:
jessikitty
2025-12-30 23:23:00 +11:00
parent 708a467a62
commit 29a6ccbcae
1 changed files with 481 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

481
opnsense_device_control.yaml Normal file
View File

@@ -0,0 +1,481 @@
# OPNsense Device Control Configuration for Home Assistant
# This provides device discovery, user assignment, and internet blocking capabilities
# Input Selects for User Assignment
input_select:
# Bella's Devices (Age 14)
device_user_bella_phone:
name: "Bella's Phone Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "Bella"
icon: mdi:cellphone
device_user_bella_tablet:
name: "Bella's Tablet Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "Bella"
icon: mdi:tablet
# Xander's Devices (Age 15)
device_user_xander_phone:
name: "Xander's Phone Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "Xander"
icon: mdi:cellphone
device_user_xander_desktop:
name: "Xander's Desktop Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "Xander"
icon: mdi:desktop-tower
# William's Devices (Age 17)
device_user_william_phone:
name: "William's Phone Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "William"
icon: mdi:cellphone
device_user_william_laptop:
name: "William's Laptop Owner"
options:
- "Bella"
- "Xander"
- "William"
- "Parent"
- "Guest"
- "Unassigned"
initial: "William"
icon: mdi:laptop
# Input Booleans for Internet Blocking
input_boolean:
# Master Controls
parental_controls_enabled:
name: "Parental Controls Enabled"
icon: mdi:shield-account
# Bella's Device Blocks
block_bella_phone:
name: "Block Bella's Phone"
icon: mdi:cellphone-off
block_bella_tablet:
name: "Block Bella's Tablet"
icon: mdi:tablet-off
# Xander's Device Blocks
block_xander_phone:
name: "Block Xander's Phone"
icon: mdi:cellphone-off
block_xander_desktop:
name: "Block Xander's Desktop"
icon: mdi:desktop-tower-off
# William's Device Blocks
block_william_phone:
name: "Block William's Phone"
icon: mdi:cellphone-off
block_william_laptop:
name: "Block William's Laptop"
icon: mdi:laptop-off
# User-wide blocks (blocks ALL devices for a user)
block_all_bella_devices:
name: "Block All Bella's Devices"
icon: mdi:account-off
block_all_xander_devices:
name: "Block All Xander's Devices"
icon: mdi:account-off
block_all_william_devices:
name: "Block All William's Devices"
icon: mdi:account-off
# Input Text for Device MAC Addresses
input_text:
# Bella's Device MACs
mac_bella_phone:
name: "Bella's Phone MAC"
initial: ""
icon: mdi:cellphone
mac_bella_phone_wifi:
name: "Bella's Phone WiFi MAC"
initial: ""
icon: mdi:wifi
mac_bella_tablet:
name: "Bella's Tablet MAC"
initial: ""
icon: mdi:tablet
mac_bella_tablet_wifi:
name: "Bella's Tablet WiFi MAC"
initial: ""
icon: mdi:wifi
# Xander's Device MACs
mac_xander_phone:
name: "Xander's Phone MAC"
initial: ""
icon: mdi:cellphone
mac_xander_phone_wifi:
name: "Xander's Phone WiFi MAC"
initial: ""
icon: mdi:wifi
mac_xander_desktop:
name: "Xander's Desktop MAC (Wired)"
initial: ""
icon: mdi:desktop-tower
mac_xander_desktop_wifi:
name: "Xander's Desktop MAC (WiFi)"
initial: ""
icon: mdi:wifi
# William's Device MACs
mac_william_phone:
name: "William's Phone MAC"
initial: ""
icon: mdi:cellphone
mac_william_phone_wifi:
name: "William's Phone WiFi MAC"
initial: ""
icon: mdi:wifi
mac_william_laptop:
name: "William's Laptop MAC (Wired)"
initial: ""
icon: mdi:laptop
mac_william_laptop_wifi:
name: "William's Laptop MAC (WiFi)"
initial: ""
icon: mdi:wifi
# Sensors for Device Status
sensor:
- platform: template
sensors:
bella_devices_blocked_count:
friendly_name: "Bella Blocked Devices"
value_template: >
{% set count = 0 %}
{% if is_state('input_boolean.block_bella_phone', 'on') %}
{% set count = count + 1 %}
{% endif %}
{% if is_state('input_boolean.block_bella_tablet', 'on') %}
{% set count = count + 1 %}
{% endif %}
{{ count }}
icon_template: mdi:counter
xander_devices_blocked_count:
friendly_name: "Xander Blocked Devices"
value_template: >
{% set count = 0 %}
{% if is_state('input_boolean.block_xander_phone', 'on') %}
{% set count = count + 1 %}
{% endif %}
{% if is_state('input_boolean.block_xander_desktop', 'on') %}
{% set count = count + 1 %}
{% endif %}
{{ count }}
icon_template: mdi:counter
william_devices_blocked_count:
friendly_name: "William Blocked Devices"
value_template: >
{% set count = 0 %}
{% if is_state('input_boolean.block_william_phone', 'on') %}
{% set count = count + 1 %}
{% endif %}
{% if is_state('input_boolean.block_william_laptop', 'on') %}
{% set count = count + 1 %}
{% endif %}
{{ count }}
icon_template: mdi:counter
# REST Commands for OPNsense API
rest_command:
# Create/Update Firewall Alias for Blocked MACs
opnsense_update_blocked_alias:
url: "https://10.0.0.254/api/firewall/alias/setItem/{{ alias_uuid }}"
method: POST
headers:
Content-Type: application/json
payload: >
{
"alias": {
"enabled": "1",
"name": "{{ alias_name }}",
"type": "mac",
"content": "{{ mac_addresses }}",
"description": "{{ description }}"
}
}
username: !secret opnsense_api_key
password: !secret opnsense_api_secret
verify_ssl: false
# Apply Firewall Changes
opnsense_apply_firewall:
url: "https://10.0.0.254/api/firewall/filter/apply"
method: POST
username: !secret opnsense_api_key
password: !secret opnsense_api_secret
verify_ssl: false
# Create Block Rule for Alias
opnsense_create_block_rule:
url: "https://10.0.0.254/api/firewall/filter/addRule"
method: POST
headers:
Content-Type: application/json
payload: >
{
"rule": {
"enabled": "1",
"action": "block",
"interface": "lan",
"direction": "out",
"ipprotocol": "inet",
"protocol": "any",
"source_net": "{{ alias_name }}",
"destination_net": "any",
"description": "{{ description }}",
"log": "1"
}
}
username: !secret opnsense_api_key
password: !secret opnsense_api_secret
verify_ssl: false
# Automations
automation:
# Block All Bella Devices Toggle
- id: block_all_bella_devices_on
alias: "Block All Bella Devices - ON"
trigger:
- platform: state
entity_id: input_boolean.block_all_bella_devices
to: 'on'
action:
- service: input_boolean.turn_on
target:
entity_id:
- input_boolean.block_bella_phone
- input_boolean.block_bella_tablet
- id: block_all_bella_devices_off
alias: "Block All Bella Devices - OFF"
trigger:
- platform: state
entity_id: input_boolean.block_all_bella_devices
to: 'off'
action:
- service: input_boolean.turn_off
target:
entity_id:
- input_boolean.block_bella_phone
- input_boolean.block_bella_tablet
# Block All Xander Devices Toggle
- id: block_all_xander_devices_on
alias: "Block All Xander Devices - ON"
trigger:
- platform: state
entity_id: input_boolean.block_all_xander_devices
to: 'on'
action:
- service: input_boolean.turn_on
target:
entity_id:
- input_boolean.block_xander_phone
- input_boolean.block_xander_desktop
- id: block_all_xander_devices_off
alias: "Block All Xander Devices - OFF"
trigger:
- platform: state
entity_id: input_boolean.block_all_xander_devices
to: 'off'
action:
- service: input_boolean.turn_off
target:
entity_id:
- input_boolean.block_xander_phone
- input_boolean.block_xander_desktop
# Block All William Devices Toggle
- id: block_all_william_devices_on
alias: "Block All William Devices - ON"
trigger:
- platform: state
entity_id: input_boolean.block_all_william_devices
to: 'on'
action:
- service: input_boolean.turn_on
target:
entity_id:
- input_boolean.block_william_phone
- input_boolean.block_william_laptop
- id: block_all_william_devices_off
alias: "Block All William Devices - OFF"
trigger:
- platform: state
entity_id: input_boolean.block_all_william_devices
to: 'off'
action:
- service: input_boolean.turn_off
target:
entity_id:
- input_boolean.block_william_phone
- input_boolean.block_william_laptop
# Update OPNsense when blocks change
- id: update_opnsense_bella_blocks
alias: "Update OPNsense - Bella Blocks"
trigger:
- platform: state
entity_id:
- input_boolean.block_bella_phone
- input_boolean.block_bella_tablet
action:
- service: rest_command.opnsense_update_blocked_alias
data:
alias_uuid: "bella_blocked"
alias_name: "Blocked_Bella"
description: "Bella's Blocked Devices"
mac_addresses: >
{% set macs = [] %}
{% if is_state('input_boolean.block_bella_phone', 'on') %}
{% if states('input_text.mac_bella_phone') != '' %}
{% set macs = macs + [states('input_text.mac_bella_phone')] %}
{% endif %}
{% if states('input_text.mac_bella_phone_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_bella_phone_wifi')] %}
{% endif %}
{% endif %}
{% if is_state('input_boolean.block_bella_tablet', 'on') %}
{% if states('input_text.mac_bella_tablet') != '' %}
{% set macs = macs + [states('input_text.mac_bella_tablet')] %}
{% endif %}
{% if states('input_text.mac_bella_tablet_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_bella_tablet_wifi')] %}
{% endif %}
{% endif %}
{{ macs | join('\n') }}
- delay:
seconds: 2
- service: rest_command.opnsense_apply_firewall
- id: update_opnsense_xander_blocks
alias: "Update OPNsense - Xander Blocks"
trigger:
- platform: state
entity_id:
- input_boolean.block_xander_phone
- input_boolean.block_xander_desktop
action:
- service: rest_command.opnsense_update_blocked_alias
data:
alias_uuid: "xander_blocked"
alias_name: "Blocked_Xander"
description: "Xander's Blocked Devices"
mac_addresses: >
{% set macs = [] %}
{% if is_state('input_boolean.block_xander_phone', 'on') %}
{% if states('input_text.mac_xander_phone') != '' %}
{% set macs = macs + [states('input_text.mac_xander_phone')] %}
{% endif %}
{% if states('input_text.mac_xander_phone_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_xander_phone_wifi')] %}
{% endif %}
{% endif %}
{% if is_state('input_boolean.block_xander_desktop', 'on') %}
{% if states('input_text.mac_xander_desktop') != '' %}
{% set macs = macs + [states('input_text.mac_xander_desktop')] %}
{% endif %}
{% if states('input_text.mac_xander_desktop_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_xander_desktop_wifi')] %}
{% endif %}
{% endif %}
{{ macs | join('\n') }}
- delay:
seconds: 2
- service: rest_command.opnsense_apply_firewall
- id: update_opnsense_william_blocks
alias: "Update OPNsense - William Blocks"
trigger:
- platform: state
entity_id:
- input_boolean.block_william_phone
- input_boolean.block_william_laptop
action:
- service: rest_command.opnsense_update_blocked_alias
data:
alias_uuid: "william_blocked"
alias_name: "Blocked_William"
description: "William's Blocked Devices"
mac_addresses: >
{% set macs = [] %}
{% if is_state('input_boolean.block_william_phone', 'on') %}
{% if states('input_text.mac_william_phone') != '' %}
{% set macs = macs + [states('input_text.mac_william_phone')] %}
{% endif %}
{% if states('input_text.mac_william_phone_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_william_phone_wifi')] %}
{% endif %}
{% endif %}
{% if is_state('input_boolean.block_william_laptop', 'on') %}
{% if states('input_text.mac_william_laptop') != '' %}
{% set macs = macs + [states('input_text.mac_william_laptop')] %}
{% endif %}
{% if states('input_text.mac_william_laptop_wifi') != '' %}
{% set macs = macs + [states('input_text.mac_william_laptop_wifi')] %}
{% endif %}
{% endif %}
{{ macs | join('\n') }}
- delay:
seconds: 2
- service: rest_command.opnsense_apply_firewall