{"id":15141761,"url":"https://github.com/mrjackyliang/pfsense-actions","last_synced_at":"2026-01-20T02:47:15.934Z","repository":{"id":255665577,"uuid":"853361409","full_name":"mrjackyliang/pfsense-actions","owner":"mrjackyliang","description":"A controller that allows a network administrator to run simple actions such as Wake-on-LAN and reload firewall filters","archived":false,"fork":false,"pushed_at":"2025-03-14T20:00:11.000Z","size":57,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-12-01T04:43:33.019Z","etag":null,"topics":["docker-image","dyndns","dyndns-updater","pfsense","pfsense-firewall","wake-on-lan"],"latest_commit_sha":null,"homepage":"https://github.com/mrjackyliang/pfsense-actions","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mrjackyliang.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"mrjackyliang","custom":"https://liang.nyc/paypal"}},"created_at":"2024-09-06T13:59:43.000Z","updated_at":"2025-03-14T19:59:59.000Z","dependencies_parsed_at":"2024-09-12T08:31:06.668Z","dependency_job_id":"8b32156a-00f6-4a7d-911f-a6099b6b17c9","html_url":"https://github.com/mrjackyliang/pfsense-actions","commit_stats":null,"previous_names":["mrjackyliang/pfsense-actions"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/mrjackyliang/pfsense-actions","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjackyliang%2Fpfsense-actions","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjackyliang%2Fpfsense-actions/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjackyliang%2Fpfsense-actions/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjackyliang%2Fpfsense-actions/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mrjackyliang","download_url":"https://codeload.github.com/mrjackyliang/pfsense-actions/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mrjackyliang%2Fpfsense-actions/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28594958,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T02:08:49.799Z","status":"ssl_error","status_checked_at":"2026-01-20T02:08:44.148Z","response_time":117,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["docker-image","dyndns","dyndns-updater","pfsense","pfsense-firewall","wake-on-lan"],"created_at":"2024-09-26T09:01:48.637Z","updated_at":"2026-01-20T02:47:15.918Z","avatar_url":"https://github.com/mrjackyliang.png","language":"TypeScript","funding_links":["https://github.com/sponsors/mrjackyliang","https://liang.nyc/paypal","https://github.com/sponsors/mrjackyliang)!"],"categories":[],"sub_categories":[],"readme":"pfSense® Actions\n=================\n\n[![GitHub Releases](https://img.shields.io/github/v/release/mrjackyliang/pfsense-actions?style=flat-square\u0026logo=github\u0026logoColor=%23ffffff\u0026color=%23b25da6)](https://github.com/mrjackyliang/pfsense-actions/releases)\n[![GitHub Top Languages](https://img.shields.io/github/languages/top/mrjackyliang/pfsense-actions?style=flat-square\u0026logo=typescript\u0026logoColor=%23ffffff\u0026color=%236688c3)](https://github.com/mrjackyliang/pfsense-actions)\n[![GitHub License](https://img.shields.io/github/license/mrjackyliang/pfsense-actions?style=flat-square\u0026logo=googledocs\u0026logoColor=%23ffffff\u0026color=%2348a56a)](https://github.com/mrjackyliang/pfsense-actions/blob/main/LICENSE)\n[![Become a GitHub Sponsor](https://img.shields.io/badge/github-sponsor-gray?style=flat-square\u0026logo=githubsponsors\u0026logoColor=%23ffffff\u0026color=%23eaaf41)](https://github.com/sponsors/mrjackyliang)\n[![Donate via PayPal](https://img.shields.io/badge/paypal-donate-gray?style=flat-square\u0026logo=paypal\u0026logoColor=%23ffffff\u0026color=%23ce4a4a)](https://liang.nyc/paypal)\n\nThis is a Docker-based image to be deployed on a local server that allows you to run quick actions remotely without logging into your pfSense® system.\n\nThis controller allows you to run simple actions such as Wake-on-LAN and reloading firewall filters. __This controller prioritizes security in its design and does not allow modifying or exporting any configurations.__\n\nTo use this controller, here are three simple steps you need to follow:\n1. Deploy the controller using the [instructions](#instructions) below.\n2. Verify your deployment after the Docker runs successfully.\n3. Implement this controller using your scripts!\n\n## Instructions\nRun this controller using a Docker `run` command. Before deployment, ensure that you have [SSH](#setting-up-secure-shell) configured on your firewall, then replace the environment variables to run the container.\n```shell\ndocker run \\\n -d \\\n -e \"API_KEY=\" \\\n -e \"PORT=\" \\\n -e \"PFSENSE_SSH_IP=192.168.1.1\" \\\n -e \"PFSENSE_SSH_PORT=22\" \\\n -e \"PFSENSE_USERNAME=admin\" \\\n -e \"PFSENSE_PASSWORD=pfsense\" \\\n -e \"PFSENSE_PRIVATE_KEY=\" \\\n -p 9898:9898 \\\n --name pfsense-actions \\\n mrjackyliang/pfsense-actions:latest\n```\n\nAlternatively, a `docker-compose.yml` is provided to you, with a sample below. Simply paste the configuration shown below and replace the environment variables:\n```yaml\nservices:\n pfsense-actions:\n image: \"mrjackyliang/pfsense-actions:latest\"\n environment:\n - \"API_KEY=\"\n - \"PORT=\"\n - \"PFSENSE_SSH_IP=192.168.1.1\"\n - \"PFSENSE_SSH_PORT=22\"\n - \"PFSENSE_USERNAME=admin\"\n - \"PFSENSE_PASSWORD=pfsense\"\n - \"PFSENSE_PRIVATE_KEY=\"\n ports:\n - \"9898:9898\"\n```\n\n## Environment Variables\n| Variable | Description | Required | Default |\n|-----------------------|-------------------------------------------------------------------------|----------|---------------------------------------------|\n| `API_KEY` | An API key used to access pfSense® Actions | `false` | Randomly generates a UUID on every start-up |\n| `PORT` | The HTTP port used to access pfSense® Actions | `false` | `9898` |\n| `PFSENSE_SSH_IP` | IP address of your pfSense® firewall used to initiate an SSH connection | `true` | |\n| `PFSENSE_SSH_PORT` | SSH port of your pfSense® firewall used to initiate an SSH connection | `true` | |\n| `PFSENSE_USERNAME` | Username to login to your pfSense® firewall | `true` | |\n| `PFSENSE_PASSWORD` | Password to login to your pfSense® firewall | `true` | |\n| `PFSENSE_PRIVATE_KEY` | Contents of the private key to login to your pfSense® firewall | `true` | |\n\n## Available Endpoints\n| Endpoint | Description | Method | Instructions |\n|-----------------|-----------------------------------------------------------|--------|-------------------------------------------------------------|\n| `ping` | Send a ping check request to a connected device | `POST` | [Ping Endpoint](#ping-endpoint) |\n| `reload-filter` | Reload the filters on your pfSense® firewall | `GET` | [Reload Filter Endpoint](#reload-filter-endpoint) |\n| `update-dyndns` | Update the Dynamic DNS settings on your pfSense® firewall | `GET` | [Update Dynamic DNS Endpoint](#update-dynamic-dns-endpoint) |\n| `wol` | Send a Wake-on-LAN request to a connected device | `POST` | [Wake-on-LAN Endpoint](#wake-on-lan-endpoint) |\n\n## Authorizing Your Requests\nWhen accessing the controller, ensure that you have the `Authorization` header properly set to the `API_KEY` you specified during image creation. For example:\n\n```http request\nGET http://localhost:9898\nAuthorization: Bearer [YOUR_API_KEY]\n```\n\n__Note:__ To protect against data leaks, the server only replies with HTTP response codes.\n\n__Note 2:__ If you do not specify an `API_KEY` during build, an `API_KEY` will be provided for you and will randomize on every container restart.\n\n## Setting Up Secure Shell\nThe controller authenticates itself through the Secure Shell (SSH). If you have not enabled Secure Shell, follow the instructions below:\n\n1. Login to the pfSense web interface.\n2. Under the __System__ dropdown, click __Advanced__.\n3. Scroll down to the __Secure Shell__ section.\n4. Check the __Enable Secure Shell__ checkbox.\n5. Click the __Save__ button at the bottom of the page.\n\n__Note:__ Ensure that the user you are logging in from has the __User - System: Shell account access__ privilege.\n\n__Note 2:__ If you wish to use a private key, paste the contents of the key into the `PFSENSE_PRIVATE_KEY` directly and do not include the path of the file.\n\n## Using the Endpoints\nThis section describes how to interact with the available API endpoints for managing your pfSense® firewall.\n\n#### Ping Endpoint:\n```http request\nPOST http://localhost:9898/ping\nAuthorization: Bearer [YOUR_API_KEY]\nContent-Type: application/json\n\n{\n \"count\": 60,\n \"ipAddress\": \"[YOUR_IP_ADDRESS]\",\n \"strict\": false,\n}\n```\n\n#### Reload Filter Endpoint:\n```http request\nGET http://localhost:9898/reload-filter\nAuthorization: Bearer [YOUR_API_KEY]\n```\n\n#### Update Dynamic DNS Endpoint:\n```http request\nGET http://localhost:9898/update-dyndns\nAuthorization: Bearer [YOUR_API_KEY]\n```\n\n#### Wake-on-LAN Endpoint:\n```http request\nPOST http://localhost:9898/wol\nAuthorization: Bearer [YOUR_API_KEY]\nContent-Type: application/json\n\n{\n \"broadcastAddress\": \"[YOUR_BROADCAST_IP_ADDRESS]\",\n \"macAddress\": \"[YOUR_MAC_ADDRESS]\"\n}\n```\n\n## Retrieving the Broadcast IP Address\nIn order to send a Wake-on-LAN request, a broadcast address is required since magic packets cannot be sent across subnets. Follow the instructions below:\n\n1. Login to the pfSense web interface.\n2. Under the __Interfaces__ dropdown, click on the interface where the device belongs to.\n3. On the address bar, look for the `if=` parameter and copy the value. The interface value should look something like `igb1`, `opt1`, or `lan`.\n4. Copy the [PHP Code](#php-code) shown below and replace `[YOUR_INTERFACE_ID]` with your interface value.\n5. Run the code under __Diagnostics__ \u003e __Command Prompt__ \u003e __Execute PHP Commands__ section.\n6. Retrieve the calculated IP address above in the __PHP Response__ section.\n\n#### PHP Code:\n```php\n$interface = '[YOUR_INTERFACE_ID]';\n\necho gen_subnet_max(get_interface_ip($interface), get_interface_subnet($interface));\n```\n\n## Credits and Appreciation\nIf you find value in the ongoing development of this controller and wish to express your appreciation, you have the option to become my supporter on [GitHub Sponsors](https://github.com/sponsors/mrjackyliang)!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrjackyliang%2Fpfsense-actions","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmrjackyliang%2Fpfsense-actions","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmrjackyliang%2Fpfsense-actions/lists"}