space_server: drop uneccessary subdirs

1 files changed, 30 insertions, 0 deletions

diff --git a/roles/space_server/files/nftables.service b/roles/space_server/files/nftables.service
new file mode 100644
index 0000000..f1c9028
--- /dev/null
+++ b/roles/space_server/files/nftables.service
@@ -0,0 +1,30 @@
+[Unit]
+Description=Netfilter Tables
+Documentation=man:nft(8)
+Requires=sys-devices-virtual-net-lan10.device
+Requires=sys-devices-virtual-net-lan11.device
+Requires=sys-devices-virtual-net-lan12.device
+Requires=sys-devices-virtual-net-lan13.device
+Requires=sys-devices-virtual-net-lan14.device
+Requires=sys-devices-virtual-net-lan15.device
+Requires=sys-devices-virtual-net-lan20.device
+After=sys-devices-virtual-net-lan10.device
+After=sys-devices-virtual-net-lan11.device
+After=sys-devices-virtual-net-lan12.device
+After=sys-devices-virtual-net-lan13.device
+After=sys-devices-virtual-net-lan14.device
+After=sys-devices-virtual-net-lan15.device
+After=sys-devices-virtual-net-lan20.device
+Before=network-online.target
+
+[Service]
+Type=oneshot
+ProtectSystem=full
+ProtectHome=true
+ExecStart=/sbin/nft -f /etc/sysconfig/nftables.conf
+ExecReload=/sbin/nft 'flush ruleset; include "/etc/sysconfig/nftables.conf";'
+ExecStop=/sbin/nft flush ruleset
+RemainAfterExit=yes
+
+[Install]
+WantedBy=multi-user.target