---
- block:
    - name: Ensure that the strongswan group exist
      group: name=strongswan state=present

    - name: Ensure that the strongswan user exist
      user: name=strongswan group=strongswan state=present

    - include: ubuntu.yml
      when: ansible_distribution == 'Debian' or ansible_distribution == 'Ubuntu'

    - include: freebsd.yml
      when: ansible_distribution == 'FreeBSD'

    - name: Install strongSwan
      package: name=strongswan state=present

    - include: ipec_configuration.yml
    - include: openssl.yml
      tags: update-users
    - include: distribute_keys.yml
    - include: client_configs.yml
      delegate_to: localhost
      become: no
      tags: update-users

    - meta: flush_handlers

    - name: strongSwan started
      service: name=strongswan state=started
  rescue:
    - debug: var=fail_hint
      tags: always
    - fail:
      tags: always