---
- block:
    - name: Configure udev
      template:
        src: etc/udev/udev.conf.j2
        dest: /etc/udev/udev.conf
        mode: 0644

    - name: Configure udev rules
      template:
        src: etc/udev/rules.d/xx-template.rules.j2
        dest: /etc/udev/rules.d/{{ item.name }}.rules
        selevel: s0
        serole: object_r
        setype: udev_rules_t
        seuser: system_u
        mode: 0644
      loop: "{{ __udev_rules }}"
      loop_control:
        label: "{{ item.name }}"
      notify: __udev_reload

    - name: Register active udev rules
      find:
        paths: /etc/udev/rules.d/
        file_type: file
        patterns: "*.rules"
      register: __udev_rules_active
      changed_when: False
      failed_when: False

    - name: Remove unmanaged udev rules
      file:
        path: "{{ item }}"
        state: absent
      loop: "{{ __udev_rules_active.files | map(attribute='path') | list }}"
      notify: __udev_reload
      when:
        - (item | basename | splitext | first) not in (__udev_rules | map(attribute='name') | list)
        - (item | basename | splitext | first) not in udev_rules_unmanaged
  become: True
  become_user: root