---
- name: shorewall_config | merge shorewall zones
  set_fact:
    shorewall_zones: "{{ shorewall_zones_host + shorewall_zones_group + shorewall_zones_all + shorewall_zones_default }}"

- name: shorewall_config | merge shorewall policies
  set_fact:
    shorewall_policies: "{{ shorewall_policies_host + shorewall_policies_group + shorewall_policies_all + shorewall_policies_default }}"

- name: shorewall_config | merge shorewall interfaces
  set_fact:
    shorewall_interfaces: "{{ shorewall_interfaces_host + shorewall_interfaces_group + shorewall_interfaces_all + shorewall_interfaces_default }}"

- name: shorewall_config | merge shorewall rules
  set_fact:
    shorewall_rules: "{{ shorewall_rules_host + shorewall_rules_group + shorewall_rules_all + shorewall_rules_default }}"

- name: shorewall_config | template Shorewall defaults
  template:
    src: etc/default/shorewall.j2
    dest: /etc/default/shorewall
    owner: root
    group: root
    mode: 0640
  notify: restart shorewall

- name: shorewall_config | template Shorewall config
  template:
    src: "etc/shorewall/{{ item }}.j2"
    dest: "/etc/shorewall/{{ item }}"
    owner: root
    group: root
    mode: 0640
  loop:
    - shorewall.conf
    - interfaces
    - params
    - policy
    - rules
    - zones
  notify: restart shorewall