* Added verification of configuration, changed order of final service config as result;

* Wrapped config in block, to allow for "absent" package state

handlers/main.yml

@@ -2,10 +2,12 @@
 # handlers file for Myatu.shorewall
 
 - name: enable shorewall
-  service: name={{ shorewall_service_name }} enabled=yes
+  service: name={{ shorewall_service_name }} enabled=yes state=started
+  when: (shorewall_package_state != "absent")
 
 - name: enable shorewall6 
-  service: name={{ shorewall6_service_name }} enabled=yes
+  service: name={{ shorewall6_service_name }} enabled=yes state=started
+  when: (shorewall6_package_state != "absent")
 
 - name: restart shorewall
   service: name={{ shorewall_service_name }} state=restarted

tasks/shorewall.yml

@@ -15,36 +15,43 @@
   tags:
     - packages
 
-- name: Generate Shorewall service conf
-  template:
-    dest: /etc/default/shorewall
-    src: default/shorewall.j2
-    owner: root
-    group: root
-    mode: 0640
-  notify: 
-    - restart shorewall
-  tags:
-    - configuration
+- block:
+  - name: Generate Shorewall configuration files
+    template:
+      dest: "/etc/shorewall/{{ item }}"
+      src: "shorewall/{{ item }}.j2"
+      owner: root
+      group: root
+      mode: 0640
+    with_items:
+      - shorewall.conf
+      - params
+      - interfaces
+      - masq
+      - zones
+      - policy
+      - rules
+      - hosts
+    notify:
+      - restart shorewall
+    tags:
+      - configuration
 
-- name: Shorewall configuration files
-  template:
-    dest: "/etc/shorewall/{{ item }}"
-    src: "shorewall/{{ item }}.j2"
-    owner: root
-    group: root
-    mode: 0640
-  with_items:
-    - shorewall.conf
-    - params
-    - interfaces
-    - masq
-    - zones
-    - policy
-    - rules
-    - hosts
-  notify:
-    - restart shorewall
-  tags:
-    - configuration
+  - name: Verify Shorewall configuration
+    command: shorewall check
+    changed_when: False
+    tags:
+      - tests
 
+  - name: Generate Shorewall service configuration
+    template:
+      dest: /etc/default/shorewall
+      src: default/shorewall.j2
+      owner: root
+      group: root
+      mode: 0640
+    notify: 
+      - restart shorewall
+    tags:
+      - configuration
+  when: (shorewall_package_state != "absent")
\ No newline at end of file

tasks/shorewall6.yml

@@ -15,35 +15,43 @@
   tags:
     - packages
 
-- name: Generate Shorewall6 service conf
-  template:
-    dest: /etc/default/shorewall6
-    src: default/shorewall6.j2
-    owner: root
-    group: root
-    mode: 0640
-  notify:
-    - restart shorewall6
-  tags:
-    - configuration
+- block:
+  - name: Shorewall6 configuration files
+    template:
+      dest: "/etc/shorewall6/{{ item }}"
+      src: "shorewall6/{{ item }}.j2"
+      owner: root
+      group: root
+      mode: 0640
+    with_items:
+      - shorewall6.conf
+      - params
+      - interfaces
+      - masq
+      - zones
+      - policy
+      - rules
+      - hosts
+    notify:
+      - restart shorewall6
+    tags:
+      - configuration
 
-- name: Shorewall6 configuration files
-  template:
-    dest: "/etc/shorewall6/{{ item }}"
-    src: "shorewall6/{{ item }}.j2"
-    owner: root
-    group: root
-    mode: 0640
-  with_items:
-    - shorewall6.conf
-    - params
-    - interfaces
-    - masq
-    - zones
-    - policy
-    - rules
-    - hosts
-  notify:
-    - restart shorewall6
-  tags:
-    - configuration
\ No newline at end of file
+  - name: Verify Shorewall6 configuration
+    command: shorewall6 check
+    changed_when: False
+    tags:
+      - tests
+
+  - name: Generate Shorewall6 service configuration
+    template:
+      dest: /etc/default/shorewall6
+      src: default/shorewall6.j2
+      owner: root
+      group: root
+      mode: 0640
+    notify:
+      - restart shorewall6
+    tags:
+      - configuration
+  when: (shorewall6_package_state != "absent")
\ No newline at end of file