trailofbits / algo

Set up a personal VPN in the cloud

Home Page: https://blog.trailofbits.com/2016/12/12/meet-algo-the-vpn-that-works/

Setting certain variables to `false` results in them being `true`

dkrutsko opened this issue · comments

Describe the bug

There are some variables which, when set to false, are actually treated as true.

To Reproduce

```bash
ansible-playbook main.yml \
    -e "provider=local" \
    -e "ondemand_cellular=false" \
    -e "ondemand_wifi=false" \
    -e "ondemand_wifi_exclude=" \
    -e "dns_adblocking=false" \
    -e "ssh_tunneling=false" \
    -e "store_pki=true" \
    -e "server=localhost" \
    -e "endpoint=$PUBLIC_IPV4" \
    -e "users=$(jq -Rc 'split("|")' <<< "$_users")" \
    -e "dns_encryption=false" \
    --skip-tags debug
```

Take the above example: setting `dns_encryption=false` is not honored in ipsec.conf, and the variable pretends to be true. This results in `rightdns` actually using the `local_service_ip` rather than the IPs specified with `dns_servers`. In a previous version of this file, there was some coercion, which I believe would fix the problem, for this example anyway.

Resolution

Either bring back the coercion in the places that need it or just specify in the documentation to leave boolean variables blank if you want it to represent false. But I'm not sure which way is best because there are a lot of places which can go either way in the code. So each usage of a boolean variable would need to be evaluated to ensure that it follows the same standard.

Ansible treats all values in the extra vars as strings. It seems like we're missing some `| bool` conversion in some conditions. You may pass your vars as JSON as a workaround for now, i.e.: `-e '{"something": false}'`
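
The behaviour discussed in this thread, as an added example that is not part of the original issue or of Algo's code: a simplified Python model of how a `key=value` extra var stays a string, why the string `"false"` still tests as true, and how a `| bool`-style coercion, an empty value, or JSON input each avoid that. Assumptions: `parse_extra_vars`, `to_bool`, `rightdns` and `misread_flags` are hypothetical helpers, the IP addresses are constructed sample values, and `to_bool` only approximates the `bool` filter.

```python
import json
import shlex

LOCAL_SERVICE_IP = "172.16.0.1"             # constructed sample value
DNS_SERVERS = ["192.0.2.53", "192.0.2.54"]  # constructed sample values
FALSE_SPELLINGS = ("false", "no", "off", "0")

def parse_extra_vars(args):
    """Simplified model of -e handling: JSON keeps types, key=value yields strings."""
    merged = {}
    for arg in args:
        if arg.lstrip().startswith("{"):
            merged.update(json.loads(arg))
        else:
            for pair in shlex.split(arg):
                key, _, value = pair.partition("=")
                merged[key] = value          # always a str, even "false"
    return merged

def to_bool(value):
    """Approximation of the `| bool` filter: only these spellings are true."""
    if isinstance(value, bool):
        return value
    return str(value).strip().lower() in ("yes", "on", "1", "true")

def rightdns(extra_vars, coerce):
    """Hypothetical stand-in for the template branch the issue describes."""
    flag = extra_vars.get("dns_encryption", True)
    enabled = to_bool(flag) if coerce else bool(flag)   # bool("false") is True
    return LOCAL_SERVICE_IP if enabled else ",".join(DNS_SERVERS)

def misread_flags(extra_vars):
    """Preflight check: non-empty strings that spell false but test as true."""
    return sorted(k for k, v in extra_vars.items()
                  if isinstance(v, str) and v.strip().lower() in FALSE_SPELLINGS)

if __name__ == "__main__":
    for args in (["dns_encryption=false"], ["dns_encryption="],
                 ['{"dns_encryption": false}']):
        ev = parse_extra_vars(args)
        print(args, "| uncoerced:", rightdns(ev, coerce=False),
              "| coerced:", rightdns(ev, coerce=True),
              "| misread:", misread_flags(ev))
```

Running `misread_flags` over the parsed variables before a deployment lists every flag that was meant to be off but would be read as on by an uncoerced condition.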