---
# ============================================================================
# Sophos Network Role - Main Tasks
# ============================================================================
# This role configures all network-related settings on Sophos XGS firewalls:
#   - Physical interfaces
#   - VLAN interfaces
#   - DHCP servers
#   - DNS configuration
#   - Static routes
# ============================================================================

- name: Display network configuration overview
  ansible.builtin.debug:
    msg:
      - "======================================"
      - "Configuring Network Settings"
      - "======================================"
      - "Firewall: {{ inventory_hostname }}"
      - "Interfaces: {{ sophos_interfaces | default([]) | length }}"
      - "VLANs: {{ sophos_vlans | default([]) | length }}"
      - "DHCP Servers: {{ sophos_dhcp_servers | default([]) | length }}"
      - "Static Routes: {{ sophos_static_routes | default([]) | length }}"
  tags: ['always']

# ============================================================================
# Configure Physical Interfaces
# ============================================================================

- name: Configure physical interfaces
  ansible.builtin.include_tasks: interfaces.yml
  when: sophos_interfaces is defined and sophos_interfaces | length > 0
  tags: ['interfaces']

# ============================================================================
# Configure VLAN Interfaces
# ============================================================================

- name: Configure VLAN interfaces
  ansible.builtin.include_tasks: vlans.yml
  when: sophos_vlans is defined and sophos_vlans | length > 0
  tags: ['vlans']

# ============================================================================
# Configure DHCP Servers
# ============================================================================

- name: Configure DHCP servers
  ansible.builtin.include_tasks: dhcp.yml
  when: sophos_dhcp_servers is defined and sophos_dhcp_servers | length > 0
  tags: ['dhcp']

# ============================================================================
# Configure DNS Settings
# ============================================================================

- name: Configure DNS settings
  ansible.builtin.include_tasks: dns.yml
  when: sophos_dns is defined
  tags: ['dns']

# ============================================================================
# Configure Static Routes
# ============================================================================

- name: Configure static routes
  ansible.builtin.include_tasks: routes.yml
  when: sophos_static_routes is defined and sophos_static_routes | length > 0
  tags: ['routes']

# ============================================================================
# Summary
# ============================================================================

- name: Network configuration completed
  ansible.builtin.debug:
    msg:
      - "======================================"
      - "Network Configuration Complete"
      - "======================================"
      - "Firewall: {{ inventory_hostname }}"
      - "All network settings have been applied."
  tags: ['always']