ansible.nftables/templates/lib/systemd/system/nftables.service.j2

27 lines
781 B
Plaintext
Raw Normal View History

2018-02-06 16:58:18 +01:00
# {{ ansible_managed }}
[Unit]
Description={{ nft_service_name }}
Documentation=man:nft(8) http://wiki.nftables.org
;Before=fail2ban.service
2018-02-06 16:58:18 +01:00
[Service]
Type=oneshot
RemainAfterExit=yes
StandardInput=null
{% if nft__service_protect %}
2018-02-06 16:58:18 +01:00
ProtectSystem=full
ProtectHome=true
{% endif %}
{% if nft__fail2ban_service %}
ExecStart=/usr/sbin/nft -f {{ nft_main_conf_path }} ; /bin/systemctl restart fail2ban.service
ExecReload=/usr/sbin/nft -f {{ nft_main_conf_path }} ; /bin/systemctl restart fail2ban.service
ExecStop=/bin/systemctl stop fail2ban.service ; /usr/sbin/nft flush ruleset
{% else %}
2018-02-06 16:58:18 +01:00
ExecStart=/usr/sbin/nft -f {{ nft_main_conf_path }}
ExecReload=/usr/sbin/nft -f {{ nft_main_conf_path }}
ExecStop=/usr/sbin/nft flush ruleset
{% endif %}
2018-02-06 16:58:18 +01:00
[Install]
WantedBy=multi-user.target