---
# tasks file for nftables
# Render the main nftables configuration to /etc/nftables.conf.
# The file is owned by root:root with mode u=rw,g=,o= (0600), so the ruleset
# cannot be read by unprivileged local users.
# NOTE(review): no `validate:` is set, so a broken render is only noticed when
# the notified handler runs. `validate: nft -c -f %s` would reject it before
# the live file is replaced - confirm first that anything the template may
# include already exists on the host at this point of the play.
- name: Déployer la configuration générale
  become: true
  ansible.builtin.template:
    src: nftables.conf.j2
    dest: /etc/nftables.conf
    owner: root
    group: root
    mode: 'u=rw,g=,o='
  # Handler is defined outside this file; the name must match it exactly.
  notify: Redémarrer nftables.service
# Build the final rule list: for every variable whose name matches
# ^nftables_rules_.+ (nftables_rules itself does not match), append its value
# to nftables_rules. Names that resolve to an empty value are skipped.
# NOTE(review): every in-scope variable with this prefix ends up in the
# firewall ruleset, whatever defined it (inventory, group_vars, set_fact,
# register). Treat the `nftables_rules_` prefix as reserved for this role.
# NOTE(review): assumes nftables_rules already exists as a list (role
# default?) - confirm. set_fact persists for the host, so running this task
# twice in one play would append the same entries twice.
- name: Construire la liste des règles
  vars:
    # Value of the variable named by the current loop item; '' if undefined.
    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"
  loop: "{{ lookup('ansible.builtin.varnames', '^nftables_rules_.+', wantlist=True) }}"
  when: specific | length > 0
  ansible.builtin.set_fact:
    nftables_rules: "{{ nftables_rules + specific }}"
# Build the final table list: for every variable whose name matches
# ^nftables_tables_.+ (nftables_tables itself does not match), append its
# value to nftables_tables. Names that resolve to an empty value are skipped.
# NOTE(review): every in-scope variable with this prefix ends up in the
# firewall configuration, whatever defined it (inventory, group_vars,
# set_fact, register). Treat the `nftables_tables_` prefix as reserved.
# NOTE(review): assumes nftables_tables already exists as a list (role
# default?) - confirm. set_fact persists for the host, so running this task
# twice in one play would append the same entries twice.
- name: Construire la liste des tables
  vars:
    # Value of the variable named by the current loop item; '' if undefined.
    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"
  loop: "{{ lookup('ansible.builtin.varnames', '^nftables_tables_.+', wantlist=True) }}"
  when: specific | length > 0
  ansible.builtin.set_fact:
    nftables_tables: "{{ nftables_tables + specific }}"
# Render the aggregated rules to /srv/nftables/rules.conf (root:root, mode
# u=rw,g=,o= i.e. 0600). Skipped when nftables_rules is empty.
# NOTE(review): because the task is skipped on an empty list, a rules.conf
# written by an earlier run stays on disk. If the main configuration still
# loads it, emptying the rule list does not remove the rules from the host -
# confirm how /etc/nftables.conf references this file.
# NOTE(review): nothing visible in this file creates /srv/nftables, and the
# template module does not create parent directories - confirm it is
# provisioned elsewhere with root-only write access.
- name: Déployer les règles
  become: true
  when: nftables_rules | length > 0
  ansible.builtin.template:
    # Pinned to this role's templates/ directory through role_path; the other
    # template tasks in this file use a bare template name instead.
    src: "{{ role_path }}/templates/rules.conf.j2"
    dest: "/srv/nftables/rules.conf"
    owner: root
    group: root
    mode: 'u=rw,g=,o='
  # Handler is defined outside this file; the name must match it exactly.
  notify: Redémarrer nftables.service
# Render the aggregated tables to /srv/nftables/tables.conf (root:root, mode
# u=rw,g=,o= i.e. 0600). Skipped when nftables_tables is empty.
# NOTE(review): because the task is skipped on an empty list, a tables.conf
# written by an earlier run stays on disk. If the main configuration still
# loads it, emptying the table list does not remove the tables from the
# host - confirm how /etc/nftables.conf references this file.
# NOTE(review): nothing visible in this file creates /srv/nftables, and the
# template module does not create parent directories - confirm it is
# provisioned elsewhere with root-only write access.
- name: Déployer les tables
  become: true
  when: nftables_tables | length > 0
  ansible.builtin.template:
    src: tables.conf.j2
    dest: /srv/nftables/tables.conf
    owner: root
    group: root
    mode: 'u=rw,g=,o='
  # Handler is defined outside this file; the name must match it exactly.
  notify: Redémarrer nftables.service