pfsense_setup - Overwrites existing config due to defaults

[robindbe]

I was running a playbook to set a specific log setting inside "pfsense_setup" (systemlogsfilterpanel).

    - name: General configuration
      pfsensible.core.pfsense_setup:
        systemlogsfilterpanel: true

After running it on 4 devices I noticed I couldn't login anymore using RADIUS. So after logging in with admin, I saw that the "authmode" setting was reset to "Local database". The session timeout was also back to 240 (we use 30). So I looked around the Python code for that module and I saw those 2 settings together with "shellauth" have a default value hardcoded. https://github.com/pfsensible/core/blob/master/plugins/modules/pfsense_setup.py

That means that if you create a playbook to update any setting using "pfsense_setup" you always have to specify those 3 settings (if you deviate from the defaults).

Is that something that is desirable? If you run the playbook against a large number of hosts, those settings might differ from host to host so it would require to first do a lookup of the config, etc ... which kinda goes against Ansible's idempotency. Not to mention you need to look in the actual Python code to see what the defaults are.

Just throwing it out there :)

[opoplawski]

I don't use the pfsense_setup module myself, but yeah, that behavior does not seem right. The PR removes the defaults from the parameter config and moves it to the documentation.