blob: 46c7d0b5a92f3ec37cd02fd883bfa313239c55a0 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
|
---
- name: install nftables
apt:
name: nftables
- name: create include base directory
file:
path: /etc/nftables.d
state: directory
- name: generate base nft script
copy:
content: |
#!/usr/sbin/nft -f
# Ansible managed
flush ruleset
include "/etc/nftables.d/*.nft"
dest: /etc/nftables.conf
notify: reload nftables
- name: make sure nftables systemd service unit is enabled and started
systemd:
name: nftables.service
state: started
enabled: yes
|