Merge pull request #114 from Rosa-Luxemburgstiftung-Berlin/issue113-x…

…ml-encoding issue #113 - fix xml encoding
Rosa-Luxemburgstiftung-Berlin · Dec 17, 2024 · 42d37e7 · 42d37e7
2 parents 7611276 + 432ea0d
commit 42d37e7
Show file tree

Hide file tree

Showing 4 changed files with 65 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -31,8 +31,12 @@ or
 
 ### optional
 
-    sudo apt install secure-delete (optional)
-
+    sudo apt install secure-delete php-cli php-xml # (optional)
+
+`php-cli` and `php-xml` are required for the xml re-encoding (recommended! set `opn_fix_xml_encoding: true`)
+
+`secure-delete` is required for safe deleting the local xml file.
+
 ## Example Playbook
 
 Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:

diff --git a/defaults/main.yml b/defaults/main.yml
@@ -6,6 +6,11 @@ config_path: /conf/config.xml
 # local path for the config
 local_config_path: /tmp/config-{{ inventory_hostname }}.xml
 
+# set this to true in order to adjust the encoding of the xml before uploading it
+# recommendet to set this to true!
+# requires php-cli and php-xml to be installed on the ansible runner
+opn_fix_xml_encoding: false
+
 # list of keys per task to sort values
 opn_sort_values:
   filter:

diff --git a/scripts/opn-xml-fix-encoding.php b/scripts/opn-xml-fix-encoding.php
@@ -0,0 +1,36 @@
+<?php
+
+# encode the xml config the opnsense way
+# see: https://github.com/Rosa-Luxemburgstiftung-Berlin/ansible-opnsense/issues/113
+# inspired by src/opnsense/mvc/app/library/OPNsense/Core/Config.php
+
+if ($argc != 2) {
+    die("missing xml file as arg!\n");
+}
+
+$XMLfile = $argv[1];
+$fp = fopen($XMLfile, "r");
+$xml = trim(stream_get_contents($fp));
+$simplexml = simplexml_load_string($xml);
+fclose($fp);
+
+$dom = new DOMDocument('1.0');
+$root = $dom->createElement('opnsense');
+$dom->appendChild($root);
+
+foreach ($simplexml as $node) {
+    $domNode = dom_import_simplexml($node);
+    $domNode = $root->ownerDocument->importNode($domNode, true);
+    $root->appendChild($domNode);
+}
+
+$dom->formatOutput = true;
+$dom->preserveWhiteSpace = false;
+
+$dom->loadXML($dom->saveXML());
+
+$fp = fopen($XMLfile, "w") or die("Unable to open file!");
+fwrite($fp, $dom->saveXML());
+fclose($fp);
+
+?>
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -296,6 +296,7 @@
 
 - name: trim EOF
   delegate_to: localhost
+  when: not opn_fix_xml_encoding | bool
   ansible.builtin.lineinfile:
     state: absent
     insertafter: EOF
@@ -304,15 +305,23 @@
   changed_when: false
   tags: trim
 
-- name: fix xml start tag
-  delegate_to: localhost
-  ansible.builtin.lineinfile:
-    line: '<?xml version="1.0"?>'
-    regexp: '^<\?xml.*>'
-    insertbefore: BOF
-    path: "{{ local_config_path }}"
-  changed_when: false
-  tags: trim
+- name: fix xml encoding
+  when: opn_fix_xml_encoding | bool
+  tags:
+    - trim
+    - fix-encoding
+    - copy
+  block:
+    - name: detect current declared encoding  # noqa no-changed-when
+      delegate_to: localhost
+      ansible.builtin.command: grep -q "<?xml version='1.0' encoding='UTF-8'?>" {{ local_config_path }}
+      register: _grep_xml_encoding
+      changed_when: false
+
+    - name: fix encoding of xml  # noqa no-changed-when
+      delegate_to: localhost
+      ansible.builtin.command: "php -f {{ role_path }}/scripts/opn-xml-fix-encoding.php {{ local_config_path }}"
+      when: _grep_xml_encoding.rc | int == 0
 
 - name: copy
   ansible.builtin.copy: