---

- name: clone git repository
  git:
    repo: "{{ minifirewall_git_url}}"
    dest: "{{ minifirewall_checkout_path }}"
    clone: yes

# WARN: these tasks copy the file if there are not already there
# They don't update files.

- name: is init script present?
  stat:
    path: /etc/init.d/minifirewall
  register: init_minifirewall

- name: init script is copied
  command: "cp {{ minifirewall_checkout_path }}/minifirewall /etc/init.d/minifirewall"
  when: not init_minifirewall.stat.exists


- name: is configuration present?
  stat:
    path: /etc/default/minifirewall
  register: default_minifirewall

- block:
  - name: configuration is copied
    command: "cp {{ minifirewall_checkout_path }}/minifirewall.conf /etc/default/minifirewall"

  - name: configuraion is customized
    replace:
      dest: /etc/default/minifirewall
      regexp: '{{ item.regexp }}'
      replace: '{{ item.replace }}'
    with_items:
      - { regexp: "^(INT)='.*'",            replace: "\\1='{{ minifirewall_int }}'" }
      - { regexp: "^(INTLAN)='.*'",         replace: "\\1='{{ minifirewall_intlan }}'" }
      - { regexp: "^(IPV6)='.*'",           replace: "\\1='{{ minifirewall_ipv6 }}'" }
      - { regexp: "^(TRUSTEDIPS)='.*'",     replace: "\\1='{{ minifirewall_trusted_ips | join(' ') }}'" }
      - { regexp: "^(PRIVILEGIEDIPS)='.*'", replace: "\\1='{{ minifirewall_privilegied_ips | join(' ') }}'" }
  when: not default_minifirewall.stat.exists