terraform-routeros · vaerh · Sep 19, 2023 · Sep 17, 2023 · Sep 17, 2023 · Sep 18, 2023
diff --git a/docs/index.md b/docs/index.md
@@ -43,7 +43,10 @@ resource "routeros_interface_gre" "gre_hq" {
 
 ### Required
 
-- `hosturl` (String) URL of the ROS router. Include the scheme (http/https)
+- `hosturl` (String) URL of the ROS router. Include including the scheme:
+  - `https` new REST API with TLS/SSL
+  - `api` old API without TLS/SSL on port 8728
+  - `apis` old API with TLS/SSL 8729
 
 ### Optional
 

diff --git a/docs/resources/interface_ethernet.md b/docs/resources/interface_ethernet.md
@@ -0,0 +1,59 @@
+# routeros_interface_ethernet (Resource)
+
+
+
+
+<!-- schema generated by tfplugindocs -->
+## Schema
+
+### Required
+
+- `name` (String) Name of the ethernet interface.
+
+### Optional
+
+- `advertise` (String) Advertised speed and duplex modes for Ethernet interfaces over twisted pair, 
+				only applies when auto-negotiation is enabled. Advertising higher speeds than 
+				the actual interface supported speed will have no effect, multiple options are allowed.
+- `arp` (String) Address Resolution Protocol mode:
+				disabled - the interface will not use ARP
+				enabled - the interface will use ARP
+				local-proxy-arp - the router performs proxy ARP on the interface and sends replies to the same interface
+				proxy-arp - the router performs proxy ARP on the interface and sends replies to other interfaces
+				reply-only - the interface will only reply to requests originated from matching IP address/MAC address combinations which are entered as static entries in the ARP table. No dynamic entries will be automatically stored in the ARP table. Therefore for communications to be successful, a valid static entry must already exist.
+- `auto_negotiation` (Boolean) When enabled, the interface "advertises" its maximum capabilities to achieve the best connection possible.
+					Note1: Auto-negotiation should not be disabled on one end only, otherwise Ethernet Interfaces may not work properly.
+					Note2: Gigabit Ethernet and NBASE-T Ethernet links cannot work with auto-negotiation disabled.
+- `bandwidth` (Number) Sets max rx/tx bandwidth in kbps that will be handled by an interface. TX limit is supported on all Atheros switch-chip ports. 
+				RX limit is supported only on Atheros8327/QCA8337 switch-chip ports.
+- `cable_setting` (String) Changes the cable length setting (only applicable to NS DP83815/6 cards)
+- `combo_mode` (String) When auto mode is selected, the port that was first connected will establish the link. In case this link fails, the other port will try to establish a new link. If both ports are connected at the same time (e.g. after reboot), 
+				the priority will be the SFP/SFP+ port. When sfp mode is selected, the interface will only work through SFP/SFP+ cage.
+				When copper mode is selected, the interface will only work through RJ45 Ethernet port.
+- `comment` (String)
+- `disable_running_check` (Boolean) Disable running check. If this value is set to 'no', the router automatically detects whether the NIC is connected with a device in the network or not.
+						Default value is 'yes' because older NICs do not support it. (only applicable to x86)
+- `full_duplex` (Boolean) Defines whether the transmission of data appears in two directions simultaneously, only applies when auto-negotiation is disabled.
+- `l2mtu` (Number) Layer2 Maximum transmission unit. see (https://wiki.mikrotik.com/wiki/Maximum_Transmission_Unit_on_RouterBoards)
+- `mac_address ` (String) Media Access Control number of an interface.
+- `mdix_enable` (Boolean) Whether the MDI/X auto cross over cable correction feature is enabled for the port (Hardware specific, e.g. ether1 on RB500 can be set to yes/no. Fixed to 'yes' on other hardware.)
+- `mtu` (Number) Layer3 Maximum transmission unit
+- `poe-out` (String) PoE settings: (https://wiki.mikrotik.com/wiki/Manual:PoE-Out)
+- `poe-priority` (Number) PoE settings: (https://wiki.mikrotik.com/wiki/Manual:PoE-Out)
+- `rx_flow_control` (String) When set to on, the port will process received pause frames and suspend transmission if required.
+					auto is the same as on except when auto-negotiation=yes flow control status is resolved by taking into account what other end advertises.
+- `sfp-shutdown-temperature` (Number) The temperature in Celsius at which the interface will be temporarily turned off due to too high detected SFP module temperature (introduced v6.48).The default value for SFP/SFP+/SFP28 interfaces is 95, and for QSFP+/QSFP28 interfaces 80 (introduced v7.6).
+- `speed` (String) Sets interface data transmission speed which takes effect only when auto-negotiation is disabled.
+- `tx_flow_control` (String) When set to on, the port will generate pause frames to the upstream device to temporarily stop the packet transmission. 
+					Pause frames are only generated when some routers output interface is congested and packets cannot be transmitted anymore. 
+					Auto is the same as on except when auto-negotiation=yes flow control status is resolved by taking into account what other end advertises.
+
+### Read-Only
+
+- `id` (String) The ID of this resource.
+- `orig-mac-address` (String) Original Media Access Control number of an interface. (read only)
+- `running` (Boolean) Whether interface is running. Note that some interface does not have running check and they are always reported as "running"
+- `slave` (Boolean) Whether interface is configured as a slave of another interface (for example Bonding)
+- `switch` (Number) ID to which switch chip interface belongs to.
+
+
diff --git a/docs/resources/interface_wireguard_peer.md b/docs/resources/interface_wireguard_peer.md
@@ -11,7 +11,7 @@ resource "routeros_interface_wireguard" "test_wg_interface" {
 resource "routeros_interface_wireguard_peer" "wg_peer" {
   interface  = routeros_interface_wireguard.test_wg_interface.name
   public_key = "MY_BASE_64_PUBLIC_KEY"
-  allowed_addresses = [
+  allowed_address = [
     "192.168.0.0/16",
     "172.16.0.0/12",
     "10.0.0.0/8",

@@ -111,6 +111,7 @@ func Provider() *schema.Provider {
 			"routeros_interface_veth":            ResourceInterfaceVeth(),
 			"routeros_interface_bonding":         ResourceInterfaceBonding(),
 			"routeros_interface_pppoe_client":    ResourceInterfacePPPoEClient(),
+			"routeros_interface_ethernet":        ResourceInterfaceEthernet(),
 
 			// Aliases for interface objects to retain compatibility between original and fork
 			"routeros_bridge":         ResourceInterfaceBridge(),

@@ -0,0 +1,186 @@
+package routeros
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+/*
+PENDING STATE
+*/
+
+// https://help.mikrotik.com/docs/display/ROS/Ethernet#Ethernet-Properties
+func ResourceInterfaceEthernet() *schema.Resource {
+	resSchema := map[string]*schema.Schema{
+		MetaResourcePath: PropResourcePath("/interface/ethernet"),
+		MetaId:           PropId(Id),
+		"advertise": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Default:  "",
+			Description: `
+				Advertised speed and duplex modes for Ethernet interfaces over twisted pair, 
+				only applies when auto-negotiation is enabled. Advertising higher speeds than 
+				the actual interface supported speed will have no effect, multiple options are allowed.`,
+			ValidateFunc: validation.StringInSlice([]string{
+				"10M-full", "10M-half", "100M-full", "100M-half",
+				"1000M-full", "1000M-half", "2500M-full", "5000M-full", "10000M-full"}, false),
+		},
+		"arp": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Default:  "enabled",
+			Description: `Address Resolution Protocol mode:
+				disabled - the interface will not use ARP
+				enabled - the interface will use ARP
+				local-proxy-arp - the router performs proxy ARP on the interface and sends replies to the same interface
+				proxy-arp - the router performs proxy ARP on the interface and sends replies to other interfaces
+				reply-only - the interface will only reply to requests originated from matching IP address/MAC address combinations which are entered as static entries in the ARP table. No dynamic entries will be automatically stored in the ARP table. Therefore for communications to be successful, a valid static entry must already exist.`,
+			ValidateFunc: validation.StringInSlice([]string{"disabled", "enabled", "local-proxy-arp", "proxy-arp", "reply-only"}, false),
+		},
+		"auto_negotiation": {
+			Type:     schema.TypeBool,
+			Optional: true,
+			Default:  true,
+			Description: `When enabled, the interface "advertises" its maximum capabilities to achieve the best connection possible.
+					Note1: Auto-negotiation should not be disabled on one end only, otherwise Ethernet Interfaces may not work properly.
+					Note2: Gigabit Ethernet and NBASE-T Ethernet links cannot work with auto-negotiation disabled.`,
+		},
+		"bandwidth": {
+			Type:     schema.TypeInt,
+			Optional: true,
+			Description: `Sets max rx/tx bandwidth in kbps that will be handled by an interface. TX limit is supported on all Atheros switch-chip ports. 
+				RX limit is supported only on Atheros8327/QCA8337 switch-chip ports.`,
+		},
+		"cable_setting": {
+			Type:         schema.TypeString,
+			Optional:     true,
+			Description:  `Changes the cable length setting (only applicable to NS DP83815/6 cards)`,
+			ValidateFunc: validation.StringInSlice([]string{"default", "short", "standard"}, false),
+		},
+		"combo_mode": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Default:  "auto",
+			Description: `When auto mode is selected, the port that was first connected will establish the link. In case this link fails, the other port will try to establish a new link. If both ports are connected at the same time (e.g. after reboot), 
+				the priority will be the SFP/SFP+ port. When sfp mode is selected, the interface will only work through SFP/SFP+ cage.
+				When copper mode is selected, the interface will only work through RJ45 Ethernet port.`,
+			ValidateFunc: validation.StringInSlice([]string{"auto", "copper", "sfp"}, false),
+		},
+		KeyComment: PropCommentRw,
+		"disable_running_check": {
+			Type: schema.TypeBool,
+			Description: `Disable running check. If this value is set to 'no', the router automatically detects whether the NIC is connected with a device in the network or not.
+						Default value is 'yes' because older NICs do not support it. (only applicable to x86)`,
+			Default:  true,
+			Optional: true,
+		},
+		"tx_flow_control": {
+			Type: schema.TypeString,
+			Description: `When set to on, the port will generate pause frames to the upstream device to temporarily stop the packet transmission. 
+					Pause frames are only generated when some routers output interface is congested and packets cannot be transmitted anymore. 
+					Auto is the same as on except when auto-negotiation=yes flow control status is resolved by taking into account what other end advertises.`,
+			Default:      "off",
+			Optional:     true,
+			ValidateFunc: validation.StringInSlice([]string{"on", "off", "auto"}, false),
+		},
+		"rx_flow_control": {
+			Type: schema.TypeString,
+			Description: `When set to on, the port will process received pause frames and suspend transmission if required.
+					auto is the same as on except when auto-negotiation=yes flow control status is resolved by taking into account what other end advertises.`,
+			Default:      "off",
+			Optional:     true,
+			ValidateFunc: validation.StringInSlice([]string{"on", "off", "auto"}, false),
+		},
+		"full_duplex": {
+			Type:        schema.TypeBool,
+			Description: `Defines whether the transmission of data appears in two directions simultaneously, only applies when auto-negotiation is disabled.`,
+			Default:     true,
+			Optional:    true,
+		},
+		"l2mtu": {
+			Type:         schema.TypeInt,
+			Description:  `Layer2 Maximum transmission unit. see (https://wiki.mikrotik.com/wiki/Maximum_Transmission_Unit_on_RouterBoards)`,
+			Optional:     true,
+			ValidateFunc: validation.IntBetween(0, 65536),
+		},
+		"mac_address ": {
+			Type:        schema.TypeString,
+			Description: `Media Access Control number of an interface.`,
+			Optional:    true,
+			Default:     "",
+		},
+		"mdix_enable": {
+			Type:        schema.TypeBool,
+			Description: `Whether the MDI/X auto cross over cable correction feature is enabled for the port (Hardware specific, e.g. ether1 on RB500 can be set to yes/no. Fixed to 'yes' on other hardware.)`,
+			Optional:    true,
+			Default:     true,
+		},
+		"mtu": {
+			Type:         schema.TypeInt,
+			Optional:     true,
+			Default:      1500,
+			Description:  "Layer3 Maximum transmission unit",
+			ValidateFunc: validation.IntBetween(0, 65536),
+		},
+		KeyName: PropName("Name of the ethernet interface."),
+		"orig-mac-address": {
+			Type:        schema.TypeString,
+			Description: "Original Media Access Control number of an interface. (read only)",
+			Computed:    true,
+		},
+		"poe-out": {
+			Type:         schema.TypeString,
+			Description:  "PoE settings: (https://wiki.mikrotik.com/wiki/Manual:PoE-Out)",
+			Default:      "off",
+			Optional:     true,
+			ValidateFunc: validation.StringInSlice([]string{"auto-on", "forced-on", "off"}, false),
+		},
+		"poe-priority": {
+			Type:         schema.TypeInt,
+			Description:  "PoE settings: (https://wiki.mikrotik.com/wiki/Manual:PoE-Out)",
+			Optional:     true,
+			ValidateFunc: validation.IntBetween(0, 99),
+		},
+		"sfp-shutdown-temperature": {
+			Type: schema.TypeInt,
+			Description: "The temperature in Celsius at which the interface will be temporarily turned off due to too high detected SFP module temperature (introduced v6.48)." +
+				"The default value for SFP/SFP+/SFP28 interfaces is 95, and for QSFP+/QSFP28 interfaces 80 (introduced v7.6).",
+			Optional: true,
+		},
+		"speed": {
+			Type:         schema.TypeString,
+			Description:  "Sets interface data transmission speed which takes effect only when auto-negotiation is disabled.",
+			Optional:     true,
+			ValidateFunc: validation.StringInSlice([]string{"10Mbps", "10Gbps", "100Mbps", "1Gbps"}, false),
+		},
+		"running": {
+			Type:        schema.TypeBool,
+			Description: "Whether interface is running. Note that some interface does not have running check and they are always reported as \"running\"",
+			Computed:    true,
+		},
+		"slave": {
+			Type:        schema.TypeBool,
+			Description: "Whether interface is configured as a slave of another interface (for example Bonding)",
+			Computed:    true,
+		},
+		"switch": {
+			Type:        schema.TypeInt,
+			Description: "ID to which switch chip interface belongs to.",
+			Computed:    true,
+		},
+	}
+
+	return &schema.Resource{
+		CreateContext: DefaultCreate(resSchema),
+		ReadContext:   DefaultRead(resSchema),
+		UpdateContext: DefaultUpdate(resSchema),
+		DeleteContext: DefaultDelete(resSchema),
+
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: resSchema,
+	}
+}