ansible/roles/nftables_router/tasks/main.yml

42 lines
789 B
YAML
Raw Permalink Normal View History

2021-03-10 03:16:51 +01:00
---
- name: Install nftables
become: true
apt:
name: nftables
state: latest
- name: Create nftables.d directory
become: true
file:
path: /etc/nftables.d
state: directory
owner: root
group: root
mode: u=rwx,g=rx,o=
- name: Configure nftables
become: true
template:
src: "{{ item }}.j2"
dest: "/etc/{{ item }}"
owner: root
group: root
mode: u=rw,g=r,o=
2021-03-10 03:16:51 +01:00
loop:
- nftables.d/10-vars.conf
- nftables.d/20-blacklist.conf
- nftables.d/30-rp-filter.conf
- nftables.d/40-signup.conf
- nftables.d/50-filter.conf
- nftables.d/60-nat.conf
- nftables.conf
notify: Reload nftables
- name: Enable and start nftables
become: true
systemd:
name: nftables.service
state: started
enabled: true
...