From 3409b5c77ac36ed336ea588034eb01e8cc9e3438 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Andrade?=
Date: Mon, 13 May 2024 14:55:33 +0300
Subject: [PATCH 1/2] Add tasks to clean unconfigured P2s
---
 tasks/ipsecphase1.yml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/tasks/ipsecphase1.yml b/tasks/ipsecphase1.yml
index 0890bc2..24f05ad 100644
--- a/tasks/ipsecphase1.yml
+++ b/tasks/ipsecphase1.yml
@@ -84,4 +84,22 @@
 loop_control:
 loop_var: p2
+- name: "IPSec ike phase2 search configured uniqid for ikeid {{ ikeid }}"
+ delegate_to: localhost
+ community.general.xml:
+ path: "{{ local_config_path }}"
+ xpath: "/opnsense/ipsec/phase2[ikeid='{{ ikeid }}']/uniqid"
+ content: text
+ register: phase2ikeiduniqid_all
+
+- name: "IPSec ike phase2 cleanup for ikeid {{ ikeid }}"
+ delegate_to: localhost
+ community.general.xml:
+ path: "{{ local_config_path }}"
+ xpath: "/opnsense/ipsec/phase2[ikeid='{{ ikeid }}' and uniqid='{{ item.uniqid }}']"
+ state: absent
+ pretty_print: yes
+ when: item.uniqid not in ipsecphasevar.phase2
+ with_items: "{{ phase2ikeiduniqid_all.matches }}"
+
 ...
From c80625531c0391e2e0703748f784210a47b9eb35 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Andrade?=
Date: Mon, 13 May 2024 15:22:29 +0300
Subject: [PATCH 2/2] Truthy consistency
---
 tasks/ipsecphase1.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tasks/ipsecphase1.yml b/tasks/ipsecphase1.yml
index 24f05ad..0b6407e 100644
--- a/tasks/ipsecphase1.yml
+++ b/tasks/ipsecphase1.yml
@@ -98,7 +98,7 @@
 path: "{{ local_config_path }}"
 xpath: "/opnsense/ipsec/phase2[ikeid='{{ ikeid }}' and uniqid='{{ item.uniqid }}']"
 state: absent
- pretty_print: yes
+ pretty_print: true
 when: item.uniqid not in ipsecphasevar.phase2
 with_items: "{{ phase2ikeiduniqid_all.matches }}"
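Review bot: In PATCH 1/2 the cleanup task interpolates `item.uniqid` (read back from the config file) and `ikeid` into a single-quoted XPath predicate and then removes whatever matches with `state: absent`, so a value containing a quote would change which nodes the predicate selects. Because the outcome is deletion of tunnel configuration, I would constrain the value in the condition, for example `when: item.uniqid is match('^[0-9A-Za-z]+$') and item.uniqid not in ipsecphasevar.phase2`, with the pattern adjusted to the real uniqid format. The same condition assumes `ipsecphasevar.phase2` is always defined and keyed by uniqid, which the hunk does not show; if a phase 1 may have no `phase2` key, the task needs an explicit decision between `default({})` (delete all) and skipping. Separately, as far as I recall the xml module's `content: text` path fails rather than returning an empty `matches` when the XPath selects nothing, so the search task is worth testing against a phase 1 with no phase 2 entries in the file.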