---
# tasks file for nftables

- name: Build rules list
  ansible.builtin.set_fact:
    nftables_rules: "{{ nftables_rules + specific }}"
  when: specific | length > 0
  loop: "{{ lookup('ansible.builtin.varnames', '^nftables_rules_.+', wantlist=True) }}"
  vars:
    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"

- name: Deploy configuration file
  ansible.builtin.template:
    src: "{{ nftables_conf_template }}"
    dest: "{{ nftables_conf_path }}"
    owner: root
    group: root
    mode: u=rw,g=,o=
  become: true
  notify: Restart nftables.service