configpolicy/roles/strongswan-swanctl/tasks/main.yml

- name: ensure strongswan is installed
  package:
    name: strongswan
    state: present
  tags:
  - install

- name: ensure esp4 module is configured to load at boot
  copy:
    src: esp4.modules-load.conf
    dest: /etc/modules-load.d/esp4.conf
    mode: '0644'
  notify:
  - load esp4 kernel module

- name: ensure strongswan starts at boot
  service:
    name: strongswan
    enabled: true
- name: ensure strongswan is running
  service:
    name: strongswan
    state: started