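---
# Installs nftables, deploys the ruleset file to /etc/nftables.conf and keeps
# the service enabled. The ruleset is syntax-checked before it replaces the
# live file, and the service is restarted only when that file changed, so a
# routine re-run neither reloads the firewall nor installs a broken ruleset.
- name: Configure firewall
  hosts: all
  tasks:
    - name: Install required packages
      ansible.builtin.apt:
        name:
          - nftables
        state: present

    - name: Override nftables configurations
      ansible.builtin.copy:
        src: nftables.conf
        # Full file path instead of the directory form `/etc/`, so the target
        # does not depend on the basename of `src`.
        dest: /etc/nftables.conf
        owner: root
        group: root
        # Mode kept as the author set it. NOTE(review): the executable bit is
        # only needed if nftables.conf is run directly through an nft
        # shebang - confirm, otherwise a non-executable mode is enough.
        mode: '0755'
        # Parse the staged copy with nft in check mode; the file is moved into
        # place only if this exits 0. Assumes nft is on PATH for the user the
        # task runs as - TODO confirm.
        validate: nft -c -f %s
      notify: Restart nftables

    - name: Enable and start nftables
      ansible.builtin.systemd:
        name: nftables.service
        state: started
        enabled: true

  handlers:
    # Runs once at the end of the play, and only if the ruleset file changed.
    - name: Restart nftables
      ansible.builtin.systemd:
        name: nftables.service
        state: restarted

    # TODO check docker is not pissed off by nftables restart
    # NOTE(review): if nftables.conf flushes the whole ruleset, a restart may
    # also drop the rules Docker added itself - verify on a host running
    # containers before enabling the handler below.
    # - name: Restart docker daemon
    #   ansible.builtin.systemd:
    #     name: docker.service
    #     state: restarted
    #     enabled: true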