infra-ansible

ansible script to ship alpine/ssh/wireguard

git clone https://9o.is/git/infra-ansible.git

nftables.yml

(377B)

      1 ---
      2 - name: install nftables
      3   package:
      4     name: nftables
      5     state: present
      6 
      7 - name: enable nftables service
      8   service:
      9     name: nftables
     10     enabled: true
     11 
     12 - name: upload server nftables config
     13   template:
     14     src: nftables.conf.j2
     15     dest: /etc/nftables.nft
     16     owner: root
     17     group: root
     18     mode: '0644'
     19     validate: nft --check --file %s
     20   notify: restart nftables
     21