roles/common: Use nftables on Ubuntu 20.04 as well

This mostly copies the Debian 11 nftables setup and includes a play to clean up the old firewalld settings, timers, etc.
2021-07-28 14:18:41 +03:00
parent 8bc2b6f493
commit b66c724109
3 changed files with 110 additions and 34 deletions
--- a/roles/common/templates/etc/fail2ban/jail.d/sshd.local.j2
+++ b/roles/common/templates/etc/fail2ban/jail.d/sshd.local.j2
@ -2,7 +2,7 @@
 enabled   = true
 # See: /etc/fail2ban/filter.d/sshd.conf
 filter    = sshd
-{% if ansible_distribution == 'Debian' and ansible_distribution_major_version is version('11', '>=') %}
+{% if (ansible_distribution == 'Debian' and ansible_distribution_major_version is version('11', '>=')) or (ansible_distribution == 'Ubuntu' and ansible_distribution_version is version('20.04', '>=')) %}
 # Integrate with nftables
 banaction=nftables[type=allports]
 {% else %}