---
# tasks file for nftables

- name: Load specific OS vars for nft
  include_vars: "{{ item }}"
  with_first_found:
    - "{{ ansible_distribution|lower }}-{{ ansible_distribution_version }}.yml"
    - "{{ ansible_distribution|lower }}.yml"
    - "{{ ansible_os_family|lower }}.yml"

# package {{{
- name: Manage packages
  package:
    name: '{{ item }}'
    state: '{{ nft_pkg_state }}'
  with_items:
    - '{{ nft_pkg_list }}'
  when: nft_pkg_manage

# }}}

# conf {{{
- name: generate main conf file
  template:
    src: "{{ nft_main_conf_content }}"
    dest: "{{ nft_main_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service

- name: generate input rules file
  template:
    src: "{{ nft_input_conf_content }}"
    dest: "{{ nft_input_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service

- name: generate output rules file
  template:
    src: "{{ nft_output_conf_content }}"
    dest: "{{ nft_output_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service

- name: generate vars definition file
  template:
    src: "{{ nft_define_conf_content }}"
    dest: "{{ nft_define_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service

- name: generate sets and maps file
  template:
    src: "{{ nft_set_conf_content }}"
    dest: "{{ nft_set_conf_path }}"
    owner: root
    group: root
    mode: 0755
    backup: yes
  notify: restart nftables service
# }}}