---
- name: Find the port the ssh service is going to use
  vars:
    # This mimics the macro body_option() in sshd_config.j2
    # The explicit to_json filter is needed for Python 2 compatibility
    __sshd_ports_from_config_tmp: >-
      {% if sshd_Port is defined %}
        {{ sshd_Port | to_json }}
      {% elif sshd['Port'] is defined %}
        {{ sshd['Port'] | to_json }}
      {% elif __sshd_defaults['Port'] is defined and not sshd_skip_defaults %}
        {{ __sshd_defaults['Port'] | to_json }}
      {% else %}
        {{ [22] | to_json }}
      {% endif %}
  ansible.builtin.set_fact:
    __sshd_ports_from_config: >-
      {% if __sshd_ports_from_config_tmp | from_json is string or __sshd_ports_from_config_tmp | from_json is number %}
        {{ [__sshd_ports_from_config_tmp | from_json] | to_json }}
      {% else %}
        {{ __sshd_ports_from_config_tmp }}
      {% endif %}
  when:
    - sshd_manage_firewall | bool or sshd_manage_selinux | bool
    - ansible_facts['os_family'] == 'RedHat'
    - ansible_facts['virtualization_type']|default(None) not in __sshd_skip_virt_env