Add firewall playbook

playbooks/10-firewall.yaml

@@ -0,0 +1,28 @@
+---
+- name: Configure firewall
+  hosts: all
+  tasks:
+    - name: Install required packages
+      ansible.builtin.apt:
+        name:
+          - nftables
+
+    - name: Override nftables configurations
+      ansible.builtin.copy:
+        src: nftables.conf
+        dest: /etc/
+        owner: root
+        mode: '0755'
+
+    - name: Restart nftables
+      ansible.builtin.systemd:
+        name: nftables.service
+        state: restarted
+        enabled: true
+
+  # TODO check docker is not pissed off by nftables restart
+    # - name: Restart docker daemon
+    #   ansible.builtin.systemd:
+    #       name: docker.service
+    #       state: restarted
+    #       enabled: true