---
- name: Install our nftables service
  copy:
    dest: '/etc/systemd/system/nftables.service'
    src: nftables.service
    owner: root
    group: root
    mode: 0644

- name: Configure nftables
  copy:
    dest: '/etc/nftables.conf'
    src: nftables.conf
    owner: root
    group: root
    mode: 0644
  notify:
  - reload nftables

- name: Symlink to /etc/nftables.conf
  file:
    path: '/etc/sysconfig/nftables.conf'
    src: '../nftables.conf'
    state: link
    force: yes
  notify:
  - reload nftables

- name: Enable nftables service
  systemd:
    name: nftables.service
    enabled: yes
    masked: no
    state: started
  when: not chroot
- name: '- when in chroot'
  command: systemctl enable nftables.service
  args:
    creates: '/etc/systemd/system/multi-user.target.wants/nftables.service'
  when: chroot

# vim: set ts=2 sw=2 et: