diff options
author | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-07 16:27:49 +0100 |
---|---|---|
committer | Emil Renner Berthing <esmil@labitat.dk> | 2017-11-12 14:56:32 +0100 |
commit | e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84 (patch) | |
tree | 41ba5163cf6f110521f2ebc9035f77d2754796a0 /roles/space_server/tasks/nftables.yml | |
download | labitat-ansible-e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84.tar.gz labitat-ansible-e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84.tar.xz labitat-ansible-e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84.zip |
initial commit
Diffstat (limited to 'roles/space_server/tasks/nftables.yml')
-rw-r--r-- | roles/space_server/tasks/nftables.yml | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/roles/space_server/tasks/nftables.yml b/roles/space_server/tasks/nftables.yml new file mode 100644 index 0000000..a7fb588 --- /dev/null +++ b/roles/space_server/tasks/nftables.yml @@ -0,0 +1,34 @@ +--- +- name: Install our nftables service + copy: + src: nftables/nftables.service + dest: '/etc/systemd/system/nftables.service' + +- name: Install nftables package + dnf: + name: nftables + state: latest + tags: + - packages + +- name: Configure nftables + copy: + src: nftables/nftables.conf + dest: '/etc/sysconfig/nftables.conf' + notify: + - reload nftables + +- name: Enable nftables service + systemd: + name: nftables.service + enabled: yes + masked: no + state: started + when: "'container' not in ansible_env" +- name: '- when in nspawn' + command: systemctl enable nftables.service + args: + creates: '/etc/systemd/system/multi-user.target.wants/nftables.service' + when: "'container' in ansible_env" + +# vim: set ts=2 sw=2 et: |