From 4410ddc9941257e9ff58b40d434d7b59b6ea886b Mon Sep 17 00:00:00 2001
From: Vaerh <vaerh@tutanota.com>
Date: Thu, 14 Nov 2024 19:55:53 +0300
Subject: [PATCH] feat(ipv6): Add new resource `routeros_ipv6_settings` Fixes
 #596

---
 .../routeros_ipv6_settings/import.sh          |  1 +
 .../routeros_ipv6_settings/resource.tf        |  3 +
 routeros/provider.go                          |  1 +
 routeros/resource_ipv6_settings.go            | 83 +++++++++++++++++++
 routeros/resource_ipv6_settings_test.go       | 50 +++++++++++
 5 files changed, 138 insertions(+)
 create mode 100644 examples/resources/routeros_ipv6_settings/import.sh
 create mode 100644 examples/resources/routeros_ipv6_settings/resource.tf
 create mode 100644 routeros/resource_ipv6_settings.go
 create mode 100644 routeros/resource_ipv6_settings_test.go

diff --git a/examples/resources/routeros_ipv6_settings/import.sh b/examples/resources/routeros_ipv6_settings/import.sh
new file mode 100644
index 00000000..fab694b2
--- /dev/null
+++ b/examples/resources/routeros_ipv6_settings/import.sh
@@ -0,0 +1 @@
+terraform import routeros_ipv6_settings.settings .
\ No newline at end of file
diff --git a/examples/resources/routeros_ipv6_settings/resource.tf b/examples/resources/routeros_ipv6_settings/resource.tf
new file mode 100644
index 00000000..a41230fe
--- /dev/null
+++ b/examples/resources/routeros_ipv6_settings/resource.tf
@@ -0,0 +1,3 @@
+resource "routeros_ipv6_settings" "settings" {
+  accept_redirects = "no"
+}
diff --git a/routeros/provider.go b/routeros/provider.go
index 0587d715..211da2eb 100644
--- a/routeros/provider.go
+++ b/routeros/provider.go
@@ -135,6 +135,7 @@ func Provider() *schema.Provider {
 			"routeros_ipv6_neighbor_discovery":         ResourceIPv6NeighborDiscovery(),
 			"routeros_ipv6_pool":                       ResourceIpv6Pool(),
 			"routeros_ipv6_route":                      ResourceIPv6Route(),
+			"routeros_ipv6_settings":                   ResourceIpv6Settings(),
 
 			// Aliases for IP objects to retain compatibility between original and fork
 			"routeros_dhcp_client":         ResourceDhcpClient(),
diff --git a/routeros/resource_ipv6_settings.go b/routeros/resource_ipv6_settings.go
new file mode 100644
index 00000000..faac4390
--- /dev/null
+++ b/routeros/resource_ipv6_settings.go
@@ -0,0 +1,83 @@
+package routeros
+
+import (
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/v2/helper/validation"
+)
+
+/*
+{
+  "accept-redirects": "yes-if-forwarding-disabled",
+  "accept-router-advertisements": "yes-if-forwarding-disabled",
+  "disable-ipv6": "false",
+  "forward": "true",
+  "max-neighbor-entries": "8192"
+}
+*/
+
+// https://help.mikrotik.com/docs/spaces/ROS/pages/103841817/IP+Settings#IPSettings-IPv6Settings
+func ResourceIpv6Settings() *schema.Resource {
+	resSchema := map[string]*schema.Schema{
+		MetaResourcePath: PropResourcePath("/ipv6/settings"),
+		MetaId:           PropId(Id),
+
+		"accept_redirects": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Description: "Whether to accept ICMP redirect messages. Typically should be enabled on the host and disabled " +
+				"on routers.",
+			ValidateFunc:     validation.StringInSlice([]string{"no", "yes-if-forwarding-disabled"}, false),
+			DiffSuppressFunc: AlwaysPresentNotUserProvided,
+		},
+		"accept_router_advertisements": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Description: "Accept router advertisement (RA) messages. If enabled, the router will be able to get the " +
+				"address using stateless address configuration.",
+			ValidateFunc:     validation.StringInSlice([]string{"no", "yes", "yes-if-forwarding-disabled"}, false),
+			DiffSuppressFunc: AlwaysPresentNotUserProvided,
+		},
+		"disable_ipv6": {
+			Type:        schema.TypeBool,
+			Optional:    true,
+			Description: "Enable/disable system wide IPv6 settings (prevents LL address generation).",
+		},
+		"forward": {
+			Type:             schema.TypeBool,
+			Optional:         true,
+			Description:      "Enable/disable packet forwarding between interfaces.",
+			DiffSuppressFunc: AlwaysPresentNotUserProvided,
+		},
+		"max_neighbor_entries": {
+			Type:     schema.TypeInt,
+			Optional: true,
+			Description: "A maximum number or IPv6 neighbors. Since RouterOS version 7.1, the default value depends " +
+				"on the installed amount of RAM. It is possible to set a higher value than the default, but it increases " +
+				"the risk of out-of-memory condition. The default values for certain RAM sizes:\n  * 1024 for 64 MB,\n  * 2048 " +
+				"for 128 MB,\n  * 4096 for 256 MB,\n  * 8192 for 512 MB,\n  * 16384 for 1024 MB or higher.",
+			DiffSuppressFunc: AlwaysPresentNotUserProvided,
+		},
+		"multipath_hash_policy": {
+			Type:     schema.TypeString,
+			Optional: true,
+			Description: "IPv6 Hash policy used for ECMP routing in `/ipv6/settings` menu\n  * l3 -- layer-3 hashing of src " +
+				"IP, dst IP, flow label, IP protocol\n  * l3-inner -- layer-3 hashing or inner layer-3 hashing if available" +
+				"\n  * l4 -- layer-4 hashing of src IP, dst IP, IP protocol, src port, dst port.",
+			ValidateFunc:     validation.StringInSlice([]string{"l3", "l4", "l3-inner"}, false),
+			DiffSuppressFunc: AlwaysPresentNotUserProvided,
+		},
+	}
+
+	return &schema.Resource{
+		CreateContext: DefaultSystemCreate(resSchema),
+		ReadContext:   DefaultSystemRead(resSchema),
+		UpdateContext: DefaultSystemUpdate(resSchema),
+		DeleteContext: DefaultSystemDelete(resSchema),
+
+		Importer: &schema.ResourceImporter{
+			StateContext: schema.ImportStatePassthroughContext,
+		},
+
+		Schema: resSchema,
+	}
+}
diff --git a/routeros/resource_ipv6_settings_test.go b/routeros/resource_ipv6_settings_test.go
new file mode 100644
index 00000000..0e59d30c
--- /dev/null
+++ b/routeros/resource_ipv6_settings_test.go
@@ -0,0 +1,50 @@
+package routeros
+
+import (
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-testing/helper/resource"
+)
+
+const testIpv6Settings = "routeros_ipv6_settings.settings"
+
+func TestAccIpv6SettingsTest_basic(t *testing.T) {
+	for _, name := range testNames {
+		t.Run(name, func(t *testing.T) {
+			resource.Test(t, resource.TestCase{
+				PreCheck: func() {
+					testAccPreCheck(t)
+					testSetTransportEnv(t, name)
+				},
+				ProviderFactories: testAccProviderFactories,
+				Steps: []resource.TestStep{
+					{
+						Config: testAccIpv6SettingsConfig("no"),
+						Check: resource.ComposeTestCheckFunc(
+							testResourcePrimaryInstanceId(testIpv6Settings),
+							resource.TestCheckResourceAttr(testIpv6Settings, "accept_redirects", "no"),
+						),
+					},
+					{
+						Config: testAccIpv6SettingsConfig("yes-if-forwarding-disabled"),
+						Check: resource.ComposeTestCheckFunc(
+							testResourcePrimaryInstanceId(testIpv6Settings),
+							resource.TestCheckResourceAttr(testIpv6Settings, "accept_redirects", "yes-if-forwarding-disabled"),
+						),
+					},
+				},
+			})
+
+		})
+	}
+}
+
+func testAccIpv6SettingsConfig(param string) string {
+	return fmt.Sprintf(`%v
+
+resource "routeros_ipv6_settings" "settings" {
+  accept_redirects = "%v"
+}
+`, providerConfig, param)
+}