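# Purge the ferm and iptables packages (including their configuration files)
# so that nftables becomes the only firewall tooling on the host.
#
# NOTE(review): this task runs before nftables is installed and before the
# "reload nftables" handler fires (handlers run at the end of the play unless
# flushed earlier). If removing ferm also drops its loaded rules, the host has
# no active packet filter in between -- confirm this window is acceptable, or
# move the removal after the new ruleset is loaded.
# NOTE(review): apt also removes packages that depend on the ones listed here;
# check the host for reverse dependencies on iptables before rollout.
- name: remove legacy firewalls
  apt:
    pkg:
      - ferm
      - iptables
    # Canonical lowercase boolean (yamllint `truthy`).
    purge: true
    state: absent
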
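# Install the nftables package and queue a ruleset reload when it changes.
- name: ensure nft is installed
  package:
    name: nftables
    # The package module documents `state` as a required argument; spell it
    # out instead of relying on the backend's default.
    state: present
  # NOTE(review): nothing in this file enables or starts the nftables service,
  # so whether the ruleset is loaded at boot depends on the handler or on
  # tasks defined elsewhere -- verify.
  notify:
    - reload nftables
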
# Make sure /etc/nftables.d exists as a root-owned directory that only root
# can write to (others may read and traverse it).
# Presumably this directory holds rule fragments included by the main
# nftables.conf -- confirm against the template.
- name: setup firewall directories
  file:
    state: directory
    path: '/etc/nftables.d'
    mode: "0755"
    owner: root
    group: root

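# Render nftables.conf.j2 to /etc/nftables.conf (root-owned) and queue a
# ruleset reload whenever the rendered file changes.
- name: update firewall rules
  template:
    src: nftables.conf.j2
    dest: /etc/nftables.conf
    owner: root
    group: root
    # NOTE(review): the executable bit is only needed if the rendered file is
    # run directly through an nft shebang line; otherwise "0644" is enough --
    # confirm against the template.
    mode: "0755"
    # Check the rendered ruleset with nft's check mode before it replaces the
    # live file. A template that does not parse is rejected here instead of
    # being installed and handed to the reload handler, which could otherwise
    # leave the host with a failed or empty ruleset.
    validate: nft -c -f %s
  notify:
    - reload nftables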