From e8cdba85c48dcbbd42e6fcb5be3aa2912008cb84 Mon Sep 17 00:00:00 2001
From: Emil Renner Berthing <esmil@labitat.dk>
Date: Tue, 7 Nov 2017 16:27:49 +0100
Subject: initial commit

---
 roles/space_server/tasks/nftables.yml | 34 ++++++++++++++++++++++++++++++++++
 1 file changed, 34 insertions(+)
 create mode 100644 roles/space_server/tasks/nftables.yml

(limited to 'roles/space_server/tasks/nftables.yml')

diff --git a/roles/space_server/tasks/nftables.yml b/roles/space_server/tasks/nftables.yml
new file mode 100644
index 0000000..a7fb588
--- /dev/null
+++ b/roles/space_server/tasks/nftables.yml
@@ -0,0 +1,34 @@
+---
+- name: Install our nftables service
+  copy:
+    src: nftables/nftables.service
+    dest: '/etc/systemd/system/nftables.service'
+
+- name: Install nftables package
+  dnf:
+    name: nftables
+    state: latest
+  tags:
+    - packages
+
+- name: Configure nftables
+  copy:
+    src: nftables/nftables.conf
+    dest: '/etc/sysconfig/nftables.conf'
+  notify:
+    - reload nftables
+
+- name: Enable nftables service
+  systemd:
+    name: nftables.service
+    enabled: yes
+    masked: no
+    state: started
+  when: "'container' not in ansible_env"
+- name: '- when in nspawn'
+  command: systemctl enable nftables.service
+  args:
+    creates: '/etc/systemd/system/multi-user.target.wants/nftables.service'
+  when: "'container' in ansible_env"
+
+# vim: set ts=2 sw=2 et:
-- 
cgit v1.2.1