network/roles/firewall/tasks/nftables.yml


# Make sure the nftables package is installed, using the generic package
# module so the platform's own package manager is used.
- name: Install nftables
  package:
    name: nftables
    state: present
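# Render the main nftables ruleset from the role's template and notify the
# reload handler when the file changes.
- name: Copy nftables config
  template:
    dest: /etc/nftables.nft
    src: nftables.nft.j2
    # Quoted so the mode is always read as an octal string and never depends
    # on how the YAML parser types a bare 0644.
    mode: '0644'
    # NOTE(review): nothing checks the rendered ruleset before it replaces
    # the live file, so a syntax error only surfaces when the handler
    # reloads the firewall. Consider `validate: nft -c -f %s`, after
    # confirming that include paths used by the template resolve on the
    # target at validation time.
  # The handler is defined outside this file; presumably it reloads the
  # nftables service (confirm in the role's handlers).
  notify: reload nftables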
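# Render each static include template into /etc/nftables.d/ under the same
# file name (template source is '<item>.j2') and notify the reload handler.
- name: Copy static nftables includes
  template:
    dest: '/etc/nftables.d/{{ item }}'
    src: '{{ item }}.j2'
    # Quoted so the mode is always read as an octal string and never depends
    # on how the YAML parser types a bare 0644.
    mode: '0644'
  # Fixed list kept in this file, so the destination path is not built from
  # externally supplied values.
  # NOTE(review): assumes /etc/nftables.d already exists on the target
  # (created by the package or another task); confirm.
  loop:
    - interfaces.nft
  notify: reload nftables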
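# Start the nftables service now and enable it so the ruleset is also loaded
# at boot; without `enabled`, the host would come up unfiltered after a
# restart.
- name: Enable nftables service
  service:
    name: nftables
    # Canonical boolean instead of the YAML 1.1 truthy word `yes`.
    enabled: true
    state: started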