- name: Install nftables
  apt:
    name: nftables

- name: Configure nftables
  template:
    src: ./filesystem/{{ ansible_host }}/etc/nftables.conf.j2
    dest: /etc/nftables.conf
    mode: 0755
  register: nftables_conf

- name: Enable nftables
  systemd:
    name: nftables
    enabled: yes

- name: Start nftables
  systemd:
    name: nftables
    state: started
  register: nftables_start

- name: Restart nftables
  systemd:
    name: nftables
    state: restarted
  register: nftables_restart
  when:
    nftables_conf is changed and
    nftables_start is not changed

- name: Reload nft scripts for interfaces
  command: "{{ item }}"
  with_fileglob:
    - "/usr/local/sbin/post-up-*.nft"
  when:
    nftables_restart is changed