- name: Install nftables
  apt:
    name: nftables

- name: Configure nftables
  template:
    src: ./filesystem/{{ ansible_host }}/etc/nftables.conf.j2
    dest: /etc/nftables.conf
    mode: 0755
  register: nftables_conf

- name: Enable/start nftables
  systemd:
    name: nftables
    state: started
    enabled: yes

- name: Restart nftables
  systemd:
    name: nftables
    state: restarted
  register: nftables_restart
  when:
    nftables_conf is changed

- name: Restart networking
  systemd:
    name: networking
    state: restarted
  when:
    nftables_restart is changed