# Install the nftables package through apt (state spelled out; "present" is
# the module default) and queue the "reload nftables" handler on change.
# NOTE(review): nothing in this task file enables or starts the nftables
# service - confirm the handler or another role does, otherwise the ruleset
# may not be loaded at boot.
- name: ensure nft is installed
  apt:
    name: nftables
    state: present
  notify: reload nftables
# Purge the ferm package, including its configuration files (purge: true).
# The iptables entry is commented out, so this task leaves iptables installed.
# NOTE(review): this task runs before the new ruleset is templated and before
# the "reload nftables" handler fires - confirm the host is not left without
# packet filtering in between, and that rules previously loaded by ferm do
# not linger next to the nftables ruleset.
- name: remove legacy firewalls
  apt:
    name:
      - ferm
      # - iptables
    state: absent
    purge: true
# Create /etc/nftables.d as a root-owned directory. Mode 0755 gives write
# access to root only; every other user can list and read its contents.
- name: setup firewall directories
  file:
    state: directory
    path: /etc/nftables.d
    owner: root
    group: root
    mode: '0755'
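# Render nftables.conf.j2 to /etc/nftables.conf (root:root) and queue the
# "reload nftables" handler when the file changes.
- name: update firewall rules
  template:
    src: nftables.conf.j2
    dest: /etc/nftables.conf
    owner: root
    group: root
    # 0755 makes the file executable and world-readable, so any local user
    # can read the ruleset.
    # NOTE(review): presumably executable because the template starts with an
    # nft shebang - confirm, otherwise tighten the mode.
    mode: "0755"
    # Syntax-check the rendered file before it replaces the live config, so a
    # template error fails this task instead of reaching the reload handler.
    # NOTE(review): assumes nft is at /usr/sbin/nft and that any include
    # paths inside the template are absolute - confirm.
    validate: /usr/sbin/nft -c -f %s
  notify:
    - reload nftables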