role_nftables/tasks/configuration.yml

---
# tasks file for nftables

- name: Déployer la configuration générale
  ansible.builtin.template:
    owner: root
    group: root
    mode: u=rw,g=,o=
    src: nftables.conf.j2
    dest: /etc/nftables.conf
  become: true
  notify: Redémarrer nftables.service

- name: Construire la liste des règles
  ansible.builtin.set_fact:
    nftables_rules: "{{ nftables_rules + specific }}"
  when: specific | length > 0
  loop: "{{ lookup('ansible.builtin.varnames', '^nftables_rules_.+', wantlist=True) }}"
  vars:
    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"

- name: Construire la liste des tables
  ansible.builtin.set_fact:
    nftables_tables: "{{ nftables_tables + specific }}"
  when: specific | length > 0
  loop: "{{ lookup('ansible.builtin.varnames', '^nftables_tables_.+', wantlist=True) }}"
  vars:
    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"

#- name: Déployer les règles
#  ansible.builtin.template:
#    owner: root
#    group: root
#    mode: u=rw,g=,o=
#    src: "{{ role_path }}/templates/rules.conf.j2"
#    dest: "/srv/nftables/rules.conf"
#  become: true
#  notify: Redémarrer nftables.service

- name: Déployer les tables
  ansible.builtin.template:
    owner: root
    group: root
    mode: u=rw,g=,o=
    src: "{{ role_path }}/templates/tables.conf.j2"
    dest: "/srv/nftables/tables_{{ item.filename }}.conf"
  loop: "{{ nftables_tables }}"
  loop_control:
    label: "{{ item.filename }}"
  become: true
  notify: Redémarrer nftables.service
[INFO] Création du rôle 2022-10-03 16:15:12 +00:00			`---`
			`# tasks file for nftables`

			`- name: Déployer la configuration générale`
			`ansible.builtin.template:`
			`owner: root`
			`group: root`
			`mode: u=rw,g=,o=`
			`src: nftables.conf.j2`
			`dest: /etc/nftables.conf`
			`become: true`
			`notify: Redémarrer nftables.service`

[EVO] Générer dynamiquement la liste des règles et tables 2023-05-23 10:03:11 +00:00			`- name: Construire la liste des règles`
			`ansible.builtin.set_fact:`
			`nftables_rules: "{{ nftables_rules + specific }}"`
			`when: specific \| length > 0`
			`loop: "{{ lookup('ansible.builtin.varnames', '^nftables_rules_.+', wantlist=True) }}"`
			`vars:`
			`specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"`

			`- name: Construire la liste des tables`
			`ansible.builtin.set_fact:`
			`nftables_tables: "{{ nftables_tables + specific }}"`
			`when: specific \| length > 0`
			`loop: "{{ lookup('ansible.builtin.varnames', '^nftables_tables_.+', wantlist=True) }}"`
			`vars:`
			`specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"`
[INFO] Création du rôle 2022-10-03 16:15:12 +00:00
feat: Merge rules and tables in one file 2023-12-28 16:39:20 +00:00			`#- name: Déployer les règles`
			`# ansible.builtin.template:`
			`# owner: root`
			`# group: root`
			`# mode: u=rw,g=,o=`
			`# src: "{{ role_path }}/templates/rules.conf.j2"`
			`# dest: "/srv/nftables/rules.conf"`
			`# become: true`
			`# notify: Redémarrer nftables.service`
[INFO] Création du rôle 2022-10-03 16:15:12 +00:00
			`- name: Déployer les tables`
			`ansible.builtin.template:`
			`owner: root`
			`group: root`
			`mode: u=rw,g=,o=`
			`src: "{{ role_path }}/templates/tables.conf.j2"`
			`dest: "/srv/nftables/tables_{{ item.filename }}.conf"`
			`loop: "{{ nftables_tables }}"`
			`loop_control:`
			`label: "{{ item.filename }}"`
			`become: true`
			`notify: Redémarrer nftables.service`