---

### tags:

- name: Read firewall entry for {{ current_firewall_name }}
  set_fact:  
    firewall_record: "{{ firewall_records | selectattr('name', 'equalto', current_firewall_name) | list | first | default({'name': '-', 'id': '-'}) }}"

- name: Print firewall entry for {{ current_firewall_name }}
  debug:
    msg: "{{ firewall_record }}"

- name: Save firewall entry {{ current_firewall_name }}
  uri:
    method: POST
    url: "https://api.hetzner.cloud/v1/firewalls"
    body_format: json
    body: "{{ lookup('template','firewall-{{ current_firewall_name }}.json.j2') }}"
    headers:
      accept: application/json
      authorization: Bearer {{ hetzner_authentication_token }}
    return_content: yes
    status_code: 201
  when: firewall_records | selectattr("name", "equalto", current_firewall_name) | list | length == 0
  delegate_to: 127.0.0.1

# TODO port changes are not written corectly
- name: Update firewall entry {{ current_firewall_name }}
  uri:
    method: PUT
    url: "https://api.hetzner.cloud/v1/firewalls/{{ firewall_record.id }}"
    body_format: json
    body: "{{ lookup('template','firewall-{{ current_firewall_name }}.json.j2') }}"
    headers:
      accept: application/json
      authorization: Bearer {{ hetzner_authentication_token }}
    return_content: yes
    status_code: 200
  when: firewall_records | selectattr("name", "equalto", current_firewall_name) | list | length == 1
  delegate_to: 127.0.0.1