issue #69 INTERIM hash-algorithm-option fixed

Rosa-Luxemburgstiftung-Berlin · May 28, 2024 · 9ad7ba1 · 9ad7ba1
1 parent 0da3f44
commit 9ad7ba1
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/tasks/ipsecphase2.yml b/tasks/ipsecphase2.yml
@@ -233,14 +233,19 @@
     verbosity: 1
   when: change_hashalgopt is defined
 
+- debug:
+    var: local_config_path
+
 - name: "IPSec ike phase2 {{ uniqid }} reset hash-algorithm-options for ikeid {{ ikeid }}"
   delegate_to: localhost
+  # debugger: on_failed
   community.general.xml:
     path: "{{ local_config_path }}"
-    xpath: "/opnsense/ipsec/phase2[ikeid='{{ ikeid }}' and uniqid='{{ uniqid }}']/hash-algorithm-option/{{ item['hash-algorithm-option'] }}"
+    # FIXME: with quotes around jinja2 vars we get a Couldn't delete xpath target ...
+    #        (module 'lxml.etree' has no attribute '_ElementStringResult') ERROR
+    xpath: "/opnsense/ipsec/phase2[ikeid={{ ikeid }} and uniqid={{ uniqid }}]/hash-algorithm-option"
     state: absent
     pretty_print: true
-  with_items: "{{ hashalgopt.matches }}"
   when:
     - change_hashalgopt | default(false)
     - hashalgopt is defined