2022-12-18 19:01:04 +01:00
|
|
|
- name: "install nftables"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.apt:
|
|
|
|
|
name: "nftables"
|
|
|
|
|
|
2022-12-18 19:01:04 +01:00
|
|
|
- name: "configure nftables"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.template:
|
2022-12-18 19:01:04 +01:00
|
|
|
src: "./nftables.conf.j2"
|
2022-12-04 15:14:43 +01:00
|
|
|
dest: "/etc/nftables.conf"
|
|
|
|
|
mode: 0755
|
2022-12-08 23:19:54 +01:00
|
|
|
register: system_base_nftables_conf
|
2022-12-04 15:14:43 +01:00
|
|
|
|
2022-12-18 19:01:04 +01:00
|
|
|
- name: "enable nftables"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.systemd:
|
|
|
|
|
name: "nftables"
|
|
|
|
|
enabled: true
|
|
|
|
|
|
2022-12-18 19:01:04 +01:00
|
|
|
- name: "start nftables"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.systemd:
|
|
|
|
|
name: "nftables"
|
|
|
|
|
state: "started"
|
2022-12-08 23:19:54 +01:00
|
|
|
register: system_base_nftables_start
|
2022-12-04 15:14:43 +01:00
|
|
|
|
2022-12-18 19:01:04 +01:00
|
|
|
- name: "reload nftables configuration"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.command:
|
|
|
|
|
cmd: "nft -f /etc/nftables.conf"
|
|
|
|
|
when:
|
2022-12-08 23:19:54 +01:00
|
|
|
system_base_nftables_conf.changed and
|
|
|
|
|
not system_base_nftables_start.changed
|
