From 2bc5194d1f8ea7ed89d81b6c040e44b182112cdc Mon Sep 17 00:00:00 2001
From: nd <git@notandy.de>
Date: Sun, 14 Jun 2020 23:27:22 +0200
Subject: [PATCH] add variable support

---
 defaults/main.yml          | 1 +
 templates/nftables.conf.j2 | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/defaults/main.yml b/defaults/main.yml
index 6fe4b5d..cd28674 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -15,3 +15,4 @@ firewall:
     input: drop
     output: accept
     forward: drop
+  vars: {}
diff --git a/templates/nftables.conf.j2 b/templates/nftables.conf.j2
index a35f961..0daebe7 100644
--- a/templates/nftables.conf.j2
+++ b/templates/nftables.conf.j2
@@ -19,6 +19,10 @@
 
 flush ruleset
 
+{% for i in firewall.vars %}
+define {{ i }} = { {{ firewall.vars[i]|join(', ') }} }
+{% endfor %}
+
 table inet filter {
 	chain input {
 		type filter hook input priority 0;