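---
## Hacks Bozos WiFi's Ubiquiti ONT to allow for port forwarding.
#
# Flow: a marker file in /tmp gates the one-time steps (stop wifiman, rework
# the FORWARD / PORT_FW iptables rules). The forwarding table is then read
# from a CSV and one DNAT command is rendered per row.
- hosts: all
  gather_facts: true
  become: true
  tasks:
    - name: Check if the procedure has already been done before
      ansible.builtin.stat:
        path: /tmp/bozos.own3d
      register: stat_result

    # NOTE(review): wifiman is presumably the UISP management agent; with it
    # stopped the device is no longer managed from UISP. Confirm what else
    # depends on it before relying on this.
    - name: Kill wifiman process to prevent UISP contact (until this procedure runs again)
      ansible.builtin.shell: killall wifiman
      when: not stat_result.stat.exists

    # NOTE(review): this swaps the DROP for a blanket ACCEPT of everything
    # forwarded in from veip0.1, which is wider than the per-port forwards
    # below need. If the device's iptables has the conntrack match, adding
    # `-m conntrack --ctstate DNAT` to the ACCEPT limits it to traffic that
    # matched a DNAT rule. Verify on the device.
    - name: Tell iptables to not drop any forward route packets, rather accept them
      ansible.builtin.shell: >-
        iptables -D FORWARD -i veip0.1 -j DROP &&
        iptables -A FORWARD -i veip0.1 -j ACCEPT
      when: not stat_result.stat.exists

    - name: Run more iptable rule cleanup
      ansible.builtin.shell: >-
        iptables -D PORT_FW -j RETURN &&
        iptables -D FORWARD -i veip0.1 -j PORT_FW
      when: not stat_result.stat.exists

    ## Here goes the bullshit!
    # fieldnames is a real list so the second name does not pick up the space
    # after the comma (" remoteport"), which would leave rule.remoteport
    # undefined in the loop below.
    - name: Load Port Forwarding Table CSV
      community.general.read_csv:
        path: 'bozos_forwards.csv'
        fieldnames:
          - localport
          - remoteport
        delimiter: ','
      register: csv_output
      # The keyword is `delegate_to`, not `delegate`. Without it read_csv
      # opens the path on the target host. Uncomment if the CSV lives next to
      # the playbook on the control node (play-level `become` then applies
      # there too).
      # delegate_to: localhost

    # The loop iterates the parsed CSV rows (csv_output.list) with `rule` as
    # the loop variable. The original passed the command string itself to
    # `loop`, which is not a list and leaves `rule` undefined.
    # This task only prints each rendered command; it installs nothing.
    # `| int` keeps CSV content from reaching the command line as anything
    # but a number. If this is switched to apply the rules, pass the words
    # via `argv` of ansible.builtin.command rather than a shell string.
    - name: Add port forwarding rules for each CSV entry
      ansible.builtin.debug:
        msg: >-
          iptables -t nat -A PREROUTING -p tcp -i veip0.1
          --dport {{ rule.remoteport | int }}
          -j DNAT --to-destination 192.168.9.11:{{ rule.localport | int }}
      loop: "{{ csv_output.list }}"
      loop_control:
        loop_var: rule
        extended: true
        label: "{{ ansible_loop.index0 }}"

    ## Maybe done with bullshit?
    # Only the file's existence is checked by the stat task above. The shell
    # expands `$$` (its PID) and `$!` inside the double quotes, so the file
    # content is not the literal text.
    - name: Mark done file
      ansible.builtin.shell: echo "f4ck ur pl4n$$$!!!" > /tmp/bozos.own3d
      when: not stat_result.stat.exists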