Problem: some default values are enforced on change

### Modules

oxlorg.opnsense.acme_validation

### Version

```bash
oxlorg.opnsense 25.7.8
```

### OPNsense Version

```bash
26.1.1
```

### What's the problem?

When applying the `oxlorg.opnsense.acme_validation` module against existing Opnsense configuration, some default module values are applied if a change is detected on one of the configured values.  This creates a somewhat confusing behavior of respecting the configured server values - but only if there is no drift in the user provided module values. 

Scenario:
All fields configured in the module perfectly match what is already configured on opnsense.
```yaml
oxlorg.opnsense.acme_validation:
   name: dns challenge
   dns_service: dns_cf
   dns_cf_token: "{{ token }}"
```   
Running my playbook, Ansible reports `OK`: there are no changes to apply.
Lets say I make a change and add my email:
```yaml
oxlorg.opnsense.acme_validation:
   name: dns challenge
   dns_service: dns_cf
   dns_cf_token: "{{ token }}"
   dns_cf_email:  "myname@example.com"
```
Running Ansible again, I would expect exactly one configuration value to change considering the previous run detected no changes, but instead I notice some default values are being applied as part of this change.   

Running ansible with `-vvv` and comparing the "before" and "after" diff we can see a 2 fields getting overwritten with empty string and `dns_ispconfig_insecure` chaining from `true` to `false`.

```diff
<             "dns_conoha_idapi": "https://identity.xxxx.conoha.io/v2.0",
---
>             "dns_conoha_idapi": "",
117c117
<             "dns_ispconfig_insecure": true,
---
>             "dns_ispconfig_insecure": false,
135c135
<             "dns_loopia_api": "https://api.loopia.se/RPCSERV",
---
>             "dns_loopia_api": "",
```

# Expectation
I would either expect the default values to always apply or to always respect existing server configuration.  

### Ansible Version

```bash
core 2.20.2
```

### OPNsense-Plugin Version

```bash
os-acme-client	4.13
```

### Config Ansible

```yaml
- name: "ACME"
  hosts: opnsense
  connection: local
  gather_facts: false
  module_defaults:
    group/oxlorg.opnsense.all:
      firewall: '{{ firewall }}'
      api_credential_file: '{{ opnsense_api_credential_file }}'
  tasks:
    oxlorg.opnsense.acme_validation:
      name: dns challenge
      dns_service: dns_cf
      dns_cf_token: "{{ token }}"
```

### Config OPNsense

```bash
Name: dns challenge
Challenge Type: DNS-01
DNS Service: Cloudflare.com
DNS Sleep Time: 0
CF API Token: xxxxxxxxxx
```

### Debug Output

```bash

```

### Profiling Output

```bash

```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Problem: some default values are enforced on change #391

Modules

Version

OPNsense Version

What's the problem?

Expectation

Ansible Version

OPNsense-Plugin Version

Config Ansible

Config OPNsense

Debug Output

Profiling Output

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

Problem: some default values are enforced on change #391

Description

Modules

Version

OPNsense Version

What's the problem?

Expectation

Ansible Version

OPNsense-Plugin Version

Config Ansible

Config OPNsense

Debug Output

Profiling Output

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions