---
- name: Configure DHCP
  hosts: opnsense
  gather_facts: false
  module_defaults:
    group/ansibleguy.opnsense.all:
      firewall: "{{ opnsense_host }}"
      api_key: "{{ opnsense_api_key }}"
      api_secret: "{{ opnsense_api_secret }}"
      ssl_verify: false
      api_port: "{{ opnsense_api_port|default(omit) }}"

  tasks:
    # TODO: Clean up subnet / reservation structure
    - name: Configure KEA DHCP Server
      ansibleguy.opnsense.dhcp_general:
        enabled: "{{ dhcp_enabled }}"
        interfaces: "{{ dhcp_interfaces }}"
      delegate_to: localhost

    - name: Add subnet
      ansibleguy.opnsense.dhcp_subnet:
        subnet: "{{ item.subnet }}"
        pools: "{{ item.pools }}"
        auto_options: false
        gateway: '{{ item.gateway }}'
        dns: '{{ item.dns }}'
        domain: '{{ item.domain }}'
        reload: false
      delegate_to: localhost
      loop: "{{ dhcp_subnets }}"

    - name: Get all dhcp_reservations_* variables from hostvars
      ansible.builtin.set_fact:
        all_dhcp_reservations: >-
          {{
            hostvars[inventory_hostname] | dict2items
            | selectattr('key', 'match', '^dhcp_reservations_')
            | map(attribute='value')
            | flatten
            | selectattr('type', 'match', 'static')
          }}

    - name: Add DHCP Reservations
      ansibleguy.opnsense.dhcp_reservation:
        hostname: "{{ item.hostname }}"
        mac: "{{ item.mac }}"
        ip: "{{ item.address }}"
        subnet: "{{ item.address | ansible.utils.ipsubnet(24) }}"
        description: "{{ item.description | default('') }}"
        reload: false
      delegate_to: localhost
      loop: "{{ all_dhcp_reservations }}"

    - name: Add HAProxy