- name: Install nftables
  package:
    name: nftables

- name: Copy nftables config
  template:
    dest: /etc/nftables.nft
    src: nftables.nft.j2
    mode: 0644
  notify: reload nftables

- name: Copy static nftables includes
  template:
    dest: '/etc/nftables.d/{{ item }}'
    src: '{{ item }}.j2'
    mode: 0644
  loop:
    - interfaces.nft
    - networks.nft
  notify: reload nftables

- name: Enable nftables service
  service:
    name: nftables
    enabled: yes
    state: started