proxmox-backup: add firewall

roles/proxmox-backup/handlers/main.yml

@@ -10,3 +10,9 @@
   package:
     update_cache: yes
   when: "'handler' not in ansible_skip_tags"
+
+- name: reload nftables
+  service:
+    name: nftables
+    state: reloaded
+  when: "'handler' not in ansible_skip_tags"

roles/proxmox-backup/tasks/firewall.yml

@@ -0,0 +1,16 @@
+- name: Install nftables
+  package:
+    name: nftables
+
+- name: Configure nftables
+  template:
+    dest: /etc/nftables.conf
+    src: nftables.conf.j2
+    mode: 0644
+  notify: reload nftables
+
+- name: Enable nftables
+  service:
+    name: nftables
+    enabled: true
+    state: started

roles/proxmox-backup/tasks/main.yml

@@ -83,5 +83,4 @@
       notify: reboot
 
 
-
+- include_tasks: firewall.yml
-- meta: flush_handlers