---
- name: Install bouncer (currently only firewall)
  ansible.builtin.apt:
    name:
      - crowdsec-firewall-bouncer-iptables
  when:
    - ansible_os_family == "Debian"

- name: Install crowdsec
  ansible.builtin.dnf:
    name:
      - crowdsec-firewall-bouncer-nftables
    state: present
  when:
    - ansible_os_family == "RedHat"

# - name: Register new bouncer
#   ansible.builtin.command: cscli bouncers add {{ inventory_hostname }} -o raw
#   register: _csbouncer
#   delegate_to: "{{ crowdsec_delegate_server_hostname }}"
#   changed_when: _csbouncer.stderr is not search("already exists")
# 
# - name: Deploy bouncer config
#   ansible.builtin.lineinfile:
#     regex: "{{ item.regex }}"
#     line: "{{ item.line }}"
#     dest: /etc/crowdsec/bouncers/crowdsec-firewall-bouncer.yaml
#   with_items:
#     - regex: "^api_url"
#       line: "api_url: {{ crowdsec_lapi_url }}"
#     - regex: "^api_key"
#       line: "api_key: {{ _csbouncer.stdout }}"
#   when: _csbouncer.changed
#   notify: restart crowdsec-firewall-bouncer
#   loop_control:
#     label: "{{ item.regex }}"