- name: Update apt cache
  apt:
   update_cache: yes
- name: Install VPN package requirements
  apt:
    name: "{{ strongswan_requeriments }}"
    state: present
    install_recommends: no
- name: Insert certificates
  no_log: true
  copy:
    content: "{{ item.content }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: "{{ item.mode }}"
  loop: "{{ certificates }}"
- name: Add private key
  copy:
    content: "{{ lookup(passbolt, 'ipsec_private_key', folder_parent_id=passbolt_folder).description }}"
    dest: /etc/ipsec.d/private/key.pem
    owner: root
    group: root
    mode: u=r,g=r,o=
- name: Configure ipsec.conf and charon
  template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
    owner: root
    group: root
    mode: "{{ item.mode }}"
  loop:
    - { src: 'ipsec.conf', dest: '/etc/ipsec.conf', mode: 'u=rw,g=r,o=r' }
    - { src: 'vn-attr.conf', dest: '/etc/strongswan.d/charon/vn-attr.conf', mode: 'u=rw,g=r,o=r' }
    - { src: 'vn-eap-radius.conf', dest: '/etc/strongswan.d/charon/vn-eap-radius.conf', mode: 'u=r,g=,o=' }
    - { src: 'ipsec.secrets', dest: '/etc/ipsec.secrets', mode: 'u=r,g=,o=' }
- name: Copy Configure file
  copy:
    src: vn.conf
    dest: /etc/strongswan.d/vn.conf
    owner: root
    group: root
    mode: u=rw,g=r,o=r