pfsensible.pfsense_alias ha-primary is not synchronized to ha-secondary node #239
Description
Describe the bug
I have two pfsense in high availability mode. Changes are synchronized from the primary node to the secondary node on "Apply changes" via web interface.
Expected behavior
When ansible is executed this should "Apply changes" and trigger the syncronization to the secondary node.
Playbook
Please paste a minimal playbook to reproduce the issue:
---
- name: "Configure pfsense Firewalls"
hosts: all
remote_user: admin
gather_facts: true
tasks:
- name: Add Test alias
pfsensible.core.pfsense_alias:
name: "{{ item.name }}"
address: "{{ item.address }}"
type: "{{ item.type }}"
state: "{{ item.state }}"
become: true
loop:
- { name: 'Test', address: '4.3.2.1', type: 'host', state: 'present' }
Output
Please paste the ansible output run with -vv:
ansible-playbook [core 2.15.13]
config file = REMOVED/ansible/ansible.cfg
configured module search path = ['REMOVED/ansible/plugins/modules']
ansible python module location = REMOVED/ansible/2.15.13.el7/lib/python3.10/site-packages/ansible
ansible collection location = REMOVED
executable location = REMOVED/ansible-playbook
python version = 3.10.5 (main, May 12 2025, 10:25:13) [GCC 4.8.5 20150623 (Red Hat 4.8.5-44)] (REMOVED/ansible/2.15.13.el7/bin/python3)
jinja version = 3.1.6
libyaml = True
Using REMOVED/ansible/ansible.cfg as config file
BECOME password:
redirecting (type: callback) ansible.builtin.profile_tasks to ansible.posix.profile_tasks
Skipping callback 'default', as we already have a stdout callback.
Skipping callback 'minimal', as we already have a stdout callback.
Skipping callback 'oneline', as we already have a stdout callback.
PLAYBOOK: pfsense_github.yml ****************************************************************************************************************************************************************************************
1 plays in playbooks/pfsense_github.yml
PLAY [Configure pfsense Firewalls] **********************************************************************************************************************************************************************************
Wednesday 04 March 2026 16:47:11 +0100 (0:00:00.288) 0:00:00.288 *******
TASK [Add Test alias] ***********************************************************************************************************************************************************************************************
task path: REMOVED/playbooks/pfsense_github.yml:8
--- before
+++ after
@@ -1,5 +1,5 @@
{
- "address": "4.3.2.1",
+ "address": "4.3.2.2",
"descr": "",
"detail": "Entry added Wed, 04 Mar 2026 16:27:40 +0100",
"name": "Test",
changed: [HOST] => (item={'name': 'Test', 'address': '4.3.2.2', 'type': 'host', 'state': 'present'}) => {"ansible_loop_var": "item", "changed": true, "commands": ["update alias 'Test' set address='4.3.2.2'"], "item": {"address": "4.3.2.2", "name": "Test", "state": "present", "type": "host"}, "stderr": "", "stderr_lines": [], "stdout": "", "stdout_lines": []}
PLAY RECAP **********************************************************************************************************************************************************************************************************
HOST : ok=1 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Environment
- What version of pfsensible.core?
- pfsensible.core 0.7.1
- What version of ansible?
- 2.15.13
- What version of pfSense?
- 25.11.1-RELEASE
Additional context
In my opinion the log output is not relevant because the execution and change on the primary firewall works as expected. But neither does the primary firewall interface recognize a change and the "Apply changes" button is shown nor is the Alias synchronized to the secondary node. If any alias is force saved and the "Apply changes" button is pressed changes are synchronized correctly.