From 6aa700dbf4aedd18fd3f5b8e1c4b5b46d971c35b Mon Sep 17 00:00:00 2001
From: Luke Tainton <luke@tainton.uk>
Date: Fri, 13 Mar 2026 20:22:40 +0000
Subject: [PATCH] feat: update port forwarding configuration to use API call

---
 config.yaml | 94 ++++++++++++++++++++++++++++-------------------------
 1 file changed, 49 insertions(+), 45 deletions(-)

diff --git a/config.yaml b/config.yaml
index cea6ef2..db2169b 100644
--- a/config.yaml
+++ b/config.yaml
@@ -219,48 +219,52 @@
           useVlanTagging: true
 
       - name: Configure Port Forwarding
-        cisco.meraki.networks_appliance_firewall_port_forwarding_rules:
-          state: present
-          networkId: "{{ nid }}"
-          purge: false
-          rules:
-            - name: NAS HTTP
-              uplink: internet1
-              protocol: tcp
-              publicPort: 80
-              lanIp: 192.168.10.2
-              localPort: 80
-              allowedIps:
-                - any
-            - name: NAS HTTPS
-              uplink: internet1
-              protocol: tcp
-              publicPort: 443
-              lanIp: 192.168.10.2
-              localPort: 443
-              allowedIps:
-                - any
-            - name: NAS SSH
-              uplink: internet1
-              protocol: tcp
-              publicPort: 3102
-              lanIp: 192.168.10.2
-              localPort: 3102
-              allowedIps:
-                - 5.135.141.48
-            - name: Xbox TCP
-              uplink: internet1
-              protocol: tcp
-              publicPort: 3074
-              lanIp: 192.168.40.2
-              localPort: 3074
-              allowedIps:
-                - any
-            - name: Xbox UDP
-              uplink: internet1
-              protocol: udp
-              publicPort: 3074
-              lanIp: 192.168.40.2
-              localPort: 3074
-              allowedIps:
-                - any
+        ansible.builtin.uri:
+          url: "https://api.meraki.com/api/v1/networks/{{ nid }}/appliance/firewall/portForwardingRules"
+          method: PUT
+          headers:
+            X-Cisco-Meraki-API-Key: "{{ lookup('ansible.builtin.env', 'MERAKI_DASHBOARD_API_KEY') }}"
+            Content-Type: application/json
+          body_format: json
+          body:
+            rules:
+              - name: NAS HTTP
+                uplink: internet1
+                protocol: tcp
+                publicPort: 80
+                lanIp: 192.168.10.2
+                localPort: 80
+                allowedIps:
+                  - any
+              - name: NAS HTTPS
+                uplink: internet1
+                protocol: tcp
+                publicPort: 443
+                lanIp: 192.168.10.2
+                localPort: 443
+                allowedIps:
+                  - any
+              - name: NAS SSH
+                uplink: internet1
+                protocol: tcp
+                publicPort: 3102
+                lanIp: 192.168.10.2
+                localPort: 3102
+                allowedIps:
+                  - 5.135.141.48
+              - name: Xbox TCP
+                uplink: internet1
+                protocol: tcp
+                publicPort: 3074
+                lanIp: 192.168.40.2
+                localPort: 3074
+                allowedIps:
+                  - any
+              - name: Xbox UDP
+                uplink: internet1
+                protocol: udp
+                publicPort: 3074
+                lanIp: 192.168.40.2
+                localPort: 3074
+                allowedIps:
+                  - any