---
- name: Create re2o-firewall directory
  file:
    path: /var/local/re2o-services/firewall
    state: directory
    mode: '2775'
    owner: root
    group: nounou

- name: Set ACL for re2o-firewall directory
  acl:
    path: /var/local/re2o-services/firewall
    default: true
    entity: nounou
    etype: group
    permissions: rwx
    state: query

- name: Clone re2o-firewall repository
  git:
    repo: 'http://gitlab.adm.crans.org/nounous/re2o-firewall.git'
    dest: /var/local/re2o-services/firewall
    version: crans
    umask: '002'

- name: Create symbolic link to configuration
  file:
    src: /var/local/re2o-services/config.ini
    dest: /var/local/re2o-services/firewall/config.ini
    owner: root
    group: root
    state: link

- name: Deploy cron for re2o-firewall
  template:
    src: cron.d/re2o-services-firewall.j2
    dest: /etc/cron.d/re2o-services-firewall