- set_fact:
    group_identifier: "{{ item }}"
    value: "{{ nftables.rules.raw[item] }}"
  when: "item is defined"

  #'<group_identifier>': '<content>'
- block:
  - name: Create main rule file
    copy:
      content: "{{ value }}"
      dest: "/etc/nftables/ansible-managed/{{ group_identifier }}.nft"
  when: value is string

  #'<group_identifier>':
  #  main: <content>
  #  '<identifier>': '<content>'
- block:
  - set_fact:
      items: "{{ nftables.rules.raw[item] }}"
  
  - block:
    - name: Create main rule file
      copy:
        content: "{{ items['main'] }}"
        dest: "/etc/nftables/ansible-managed/{{ group_identifier }}.nft"

    - name: Include rule files
      lineinfile:
        path: "/etc/nftables/ansible-managed/{{ group_identifier }}.nft"
        regexp: "include\\s+(\"|')\\/etc\\/nftables\\/ansible-managed\\/{{ group_identifier }}\\/.*$"
        line: 'include "/etc/nftables/ansible-managed/{{ group_identifier }}/*.nft"'
    when: items['main'] is defined

  - name: Create group folder
    file:
      path: "/etc/nftables/ansible-managed/{{ group_identifier }}/"
      state: directory
    when: items|length > 0

  - name: Create included rule files
    copy:
      content: "{{ included_item.value }}"
      dest: "/etc/nftables/ansible-managed/{{ group_identifier }}/{{ included_item.key }}.nft"
    loop: "{{ items | dict2items | selectattr('key', 'ne', 'main') }}"
    loop_control:
      loop_var: included_item

  when: value is mapping