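---
# Installs nftables, pushes the repository's nftables.conf ruleset and
# restarts the service on every host in the inventory.
- name: Configure firewall
  hosts: all
  tasks:
    - name: Install required packages
      ansible.builtin.apt:
        name:
          - nftables
        # Explicit for readability; `present` is also the module default.
        state: present

    - name: Override nftables configurations
      ansible.builtin.copy:
        src: nftables.conf
        # Trailing slash: the file lands at /etc/nftables.conf.
        dest: /etc/
        owner: root
        # Pin the group as well so ownership does not depend on the
        # connecting user's defaults.
        group: root
        # NOTE(review): kept as in the original. Presumably the file carries
        # an nft shebang and is meant to be executable; if it is not run
        # directly, a tighter mode (e.g. '0644' or '0600') would be
        # preferable - confirm.
        mode: '0755'
        # Syntax-check the staged ruleset before it replaces the live file,
        # so a broken nftables.conf never reaches /etc and the restart below
        # cannot load it. `-c` only checks; it does not apply any rule.
        # NOTE(review): relative `include` paths inside the ruleset would
        # resolve differently for the temporary file - verify if used.
        validate: /usr/sbin/nft -c -f %s

    # Runs unconditionally: the service is restarted on every play run, even
    # when nftables.conf did not change.
    # NOTE(review): consider moving the restart to a handler notified by the
    # copy task and keeping only `enabled: true` here.
    - name: Restart nftables
      ansible.builtin.systemd:
        name: nftables.service
        state: restarted
        enabled: true

    # TODO check docker is not pissed off by nftables restart
    # NOTE(review): if nftables.conf flushes the ruleset on load, rules that
    # Docker added at runtime may be dropped by the restart - verify before
    # deciding whether the task below is needed.
    # - name: Restart docker daemon
    #   ansible.builtin.systemd:
    #     name: docker.service
    #     state: restarted
    #     enabled: true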