proftpd: remove whitelist block if feature is disabled

CHANGELOG.md

@@ -13,6 +13,8 @@ The **patch** part is incremented if multiple releases happen the same month
 
 ### Added
 
+proftpd: optional configuration of IP whitelists per groups of users
+
 ### Changed
 
 * autosysadmin-agent: upstream release 24.03.2

proftpd/tasks/accounts.yml

@@ -61,7 +61,7 @@
   tags:
     - proftpd
 
-- name: Whitelist ip for users (SFTP)
+- name: IP Whitelists for SFTP users are present
   ansible.builtin.blockinfile:
     dest: /etc/proftpd/conf.d/sftp.conf
     marker: "# {mark} ANSIBLE MANAGED BLOCK - Whitelist ip for users"
@@ -82,6 +82,14 @@
   notify: restart proftpd
   when: proftpd_sftp_enable_user_whitelist | bool  
 
+- name: IP Whitelists for SFTP users are absent
+  ansible.builtin.blockinfile:
+    dest: /etc/proftpd/conf.d/sftp.conf
+    marker: "# {mark} ANSIBLE MANAGED BLOCK - Whitelist ip for users"
+    state: absent
+  notify: restart proftpd
+  when: not (proftpd_sftp_enable_user_whitelist | bool)  
+
 - name: Allow keys for SFTP account
   ansible.builtin.template:
     dest: "/etc/proftpd/sftp.authorized_keys/{{ _proftpd_account.name }}"