infra-ansible

ansible script to ship alpine/ssh/wireguard

git clone https://9o.is/git/infra-ansible.git

commit 2a1a278b2bec467140de4ba818e61f860abc6786
parent 11cc802885c262b983b706d9277e7949a83a9f19
Author: Jul <jul@9o.is>
Date:   Fri, 17 May 2024 23:21:38 +0800

move nftables to firewall role

Diffstat:
A host/roles/firewall/handlers/main.yml  | 6 ++++++
R host/roles/wireguard/tasks/nftables.yml -> host/roles/firewall/tasks/main.yml  | 0 
R host/roles/wireguard/templates/nftables.conf.j2 -> host/roles/firewall/templates/nftables.conf.j2  | 0 
M host/roles/wireguard/tasks/main.yml  | 3 ---
M host/site.yml  | 3 +++

5 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/host/roles/firewall/handlers/main.yml b/host/roles/firewall/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: restart nftables
+  service:
+    name: nftables
+    state: restarted
+
diff --git a/host/roles/wireguard/tasks/nftables.yml b/host/roles/firewall/tasks/main.yml
diff --git a/host/roles/wireguard/templates/nftables.conf.j2 b/host/roles/firewall/templates/nftables.conf.j2
diff --git a/host/roles/wireguard/tasks/main.yml b/host/roles/wireguard/tasks/main.yml
@@ -10,6 +10,3 @@
 - name: configure wireguard server
   include_tasks: server.yml
 
-- name: configure server nftables
-  include_tasks: nftables.yml
-
diff --git a/host/site.yml b/host/site.yml
@@ -19,6 +19,9 @@
     - role: wireguard
       tags: wireguard
 
+    - role: firewall
+      tags: firewall
+
     - role: k0s
       tags: k0s

A	host/roles/firewall/handlers/main.yml	\|	6	++++++
R	host/roles/wireguard/tasks/nftables.yml -> host/roles/firewall/tasks/main.yml	\|	0
R	host/roles/wireguard/templates/nftables.conf.j2 -> host/roles/firewall/templates/nftables.conf.j2	\|	0
M	host/roles/wireguard/tasks/main.yml	\|	3	---
M	host/site.yml	\|	3	+++