pf: Use templates for static firewall configs

group_vars/dnagw.yml

@@ -45,7 +45,7 @@ unbound_zones:
   - home.foo.sh
 
 # use custom firewall config
-firewall_src: pf.conf.gw_home.j2
+firewall_src: pf.conf.gw_dna.j2
 
 # unbound config
 unbound_config: unbound.conf.dna.j2

group_vars/fsolgw.yml

@@ -9,5 +9,5 @@ network_vip_interfaces:
     pass: "{{ vip145_pass }}"
 
 # use custom firewall and ifstated config
-firewall_src: pf.conf.gw_fsol
+firewall_src: pf.conf.gw_fsol.j2
 ifstated_config: ifstated-fsol.conf

roles/pf/tasks/main.yml

@@ -1,6 +1,6 @@
 ---
 - name: Copy pf.conf
-  ansible.builtin.copy:
+  ansible.builtin.template:
     src: "{{ firewall_src }}"
     dest: /etc/pf.conf
     mode: "0600"