infra/ansible-role-firewall
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ansible-role-firewall/tasks/main.yml
nd 8a8192749b
add support to enable routing
2020-08-07 23:10:46 +02:00

47 lines
885 B
YAML
Raw Blame History

- name: ensure nft is installed
apt:
pkg:
- nftables
notify:
- reload nftables
- name: remove legacy firewalls
apt:
pkg:
- ferm
# - iptables
purge: True
state: absent
- name: setup firewall directories
file:
path: /etc/nftables.d
owner: root
group: root
mode: "0755"
state: directory
- name: update firewall rules
template:
src: nftables.conf.j2
dest: /etc/nftables.conf
owner: root
group: root
mode: "0755"
notify:
- reload nftables
- name: copy netforwarding script
when: firewall.routing
template:
src: netforwarding.j2
dest: /usr/local/bin/netforwarding
mode: 0755
- name: setup netforwarding service
when: firewall.routing
notify: restart netforwarding
template:
src: netforwarding.service.j2
dest: /etc/systemd/system/netforwarding.service
mode: 0644
Reference in a new issue View git blame Copy permalink