---
- name: "Make sure ferm configuration directories exists"
  file:
    path: "{{ item }}"
    state: directory
    mode: 0755
    owner: root
    group: root
  with_items:
    - /etc/ferm
    - /etc/ferm/ferm.d

- name: "Create /etc/default/ferm"
  template:
    src: etc_default_ferm.j2
    dest: /etc/default/ferm
    mode: 0644
    owner: root
    group: root

- name: "Create ferm configuration file"
  template:
    src: ferm.conf.j2
    dest: /etc/ferm/ferm.conf
    mode: 0644
    owner: root
    group: root
  tags:
    - config

- name: "Uninstall ufw"
  apt:
    name: ufw
    state: absent

- name: "Install ferm"
  apt:
    name: ferm
    state: present

- name: "Run ferm to configure the firewall"
  shell: ferm /etc/ferm/ferm.conf
  tags:
    - config