---
- name: "install nftables"
  ansible.builtin.apt:
    name: "nftables"

- name: "configure nftables"
  ansible.builtin.template:
    src: "./nftables.conf"
    dest: "/etc/nftables.conf"
    mode: 0755
  register: system_base_nftables_conf

- name: "enable nftables"
  ansible.builtin.systemd:
    name: "nftables"
    enabled: true

- name: "start nftables"
  ansible.builtin.systemd:
    name: "nftables"
    state: "started"
  register: system_base_nftables_start

- name: "reload nftables configuration"
  ansible.builtin.command:
    cmd: "nft -f /etc/nftables.conf"
  when:
    system_base_nftables_conf.changed and
    not system_base_nftables_start.changed