Diffstat (limited to 'roles/network/nftables/base/tasks/main.yml')
-rw-r--r--roles/network/nftables/base/tasks/main.yml26
1 files changed, 26 insertions, 0 deletions
diff --git a/roles/network/nftables/base/tasks/main.yml b/roles/network/nftables/base/tasks/main.yml
new file mode 100644
index 00000000..46c7d0b5
--- /dev/null
+++ b/roles/network/nftables/base/tasks/main.yml
@@ -0,0 +1,26 @@
+---
+- name: install nftables
+ apt:
+ name: nftables
+
+- name: create include base directory
+ file:
+ path: /etc/nftables.d
+ state: directory
+
+- name: generate base nft script
+ copy:
+ content: |
+ #!/usr/sbin/nft -f
+
+ # Ansible managed
+ flush ruleset
+ include "/etc/nftables.d/*.nft"
+ dest: /etc/nftables.conf
+ notify: reload nftables
+
+- name: make sure nftables systemd service unit is enabled and started
+ systemd:
+ name: nftables.service
+ state: started
+ enabled: yes
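Review bot: Neither the `file` task for `/etc/nftables.d` nor the `copy` task for `/etc/nftables.conf` sets ownership or permissions, so both inherit whatever the remote umask gives them, even though every `*.nft` file in that directory is loaded into the ruleset on reload. I would pin them explicitly with `owner: root`, `group: root` and `mode: "0755"` on the directory, and `mode: "0644"` on the file, keeping the modes quoted so they are not parsed as integers. The `copy` task could also carry `validate: /usr/sbin/nft -c -f %s`, so a script that fails to parse is never moved into place. Separately, the script runs `flush ruleset` and then only includes the glob, so a host that has this role but no drop-in files presumably ends up with an empty ruleset while the service reports as started. A comment above the task naming the role expected to supply the default policy would make that dependency visible.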