28 lines
742 B
YAML
28 lines
742 B
YAML
- hosts: localhost
|
|
tasks:
|
|
- name: "network/firewall : Install nftables packages"
|
|
package:
|
|
name:
|
|
- nftables
|
|
state: present
|
|
- name: "network/firewall : Create nftables.d directory"
|
|
file:
|
|
state: directory
|
|
path: /etc/nftables.d
|
|
owner: root
|
|
group: root
|
|
mode: "0755"
|
|
- name: "network/firewall : Firewall rules"
|
|
template:
|
|
src: files/firewall_rules.nft.j2
|
|
dest: /etc/nftables.d/noveria.nft
|
|
owner: root
|
|
group: root
|
|
mode: "0600"
|
|
vars:
|
|
ALLOWED_PORTS: [80, 443]
|
|
- name: "network/firewall : Enable nftables service"
|
|
service:
|
|
name: nftables
|
|
state: started
|
|
enabled: true
|