ansible.nftables/tasks/main.yml

---
# tasks file for nftables

- name: Load specific OS vars for nft
  include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version }}.yml"
    - "{{ ansible_distribution|lower }}.yml"
    - "{{ ansible_os_family|lower }}.yml"

# package {{{
- name: Manage packages
  package:
    name: '{{ item }}'
    state: '{{ nft_pkg_state }}'
  with_items:
    - '{{ nft_pkg_list }}'
  when: nft_pkg_manage

# }}}

# conf {{{
- name: generate main conf file
  template:
    src: "{{ nft_main_conf_content }}"
    dest: "{{ nft_main_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service
# }}}
Install nftables. 2017-08-07 12:09:13 +02:00			`---`
			`# tasks file for nftables`

			`- name: Load specific OS vars for nft`
			`include_vars: "{{ item }}"`
			`with_first_found:`
			`- "{{ ansible_distribution\|lower }}-{{ ansible_distribution_version }}.yml"`
			`- "{{ ansible_distribution\|lower }}.yml"`
			`- "{{ ansible_os_family\|lower }}.yml"`

Generate main configuration file. 2017-08-07 13:48:54 +02:00			`# package {{{`
Install nftables. 2017-08-07 12:09:13 +02:00			`- name: Manage packages`
			`package:`
			`name: '{{ item }}'`
			`state: '{{ nft_pkg_state }}'`
			`with_items:`
			`- '{{ nft_pkg_list }}'`
			`when: nft_pkg_manage`

Generate main configuration file. 2017-08-07 13:48:54 +02:00			`# }}}`

			`# conf {{{`
			`- name: generate main conf file`
			`template:`
			`src: "{{ nft_main_conf_content }}"`
			`dest: "{{ nft_main_conf_path }}"`
			`owner: root`
			`group: root`
			`mode: 0755`
			`backup: yes`
Notify `nftables` service when configuration file is modified. 2017-08-07 14:14:14 +02:00			`notify: restart nftables service`
Generate main configuration file. 2017-08-07 13:48:54 +02:00			`# }}}`