ansible-personal/roles/common/tasks/firewall_Debian.yml
Alan Orth 5312dc6bd5
roles/common: use common nftables task
Use a common nftables task on Debian and Ubuntu.
2025-01-27 23:05:38 +03:00


---
# On Debian 11 and newer the firewall is plain nftables; firewalld is not used.
- name: Install Debian firewall packages
  ansible.builtin.package:
    name:
      - libnet-ip-perl  # for aggregate-cidr-addresses.pl
      - nftables
      - curl  # for nftables update scripts
    state: present
    # apt option passed through by the generic package module: reuse the
    # package index if it was refreshed within the last hour.
    cache_valid_time: 3600
  when: ansible_distribution_major_version is version('11', '>=')
# Uninstall the iptables package on Debian 11+, where this role manages the
# firewall with nftables.
- name: Remove iptables on newer Debian
  ansible.builtin.apt:
    name: iptables
    state: absent
  when: ansible_distribution_major_version is version('11', '>=')
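# nftables.yml is the task file shared by Debian and Ubuntu. The condition
# tests ansible_distribution_major_version, the same fact the package tasks
# in this file test, so the ruleset is configured on exactly the hosts where
# nftables was installed.
- name: Configure nftables
  ansible.builtin.include_tasks: nftables.yml
  when: ansible_distribution_major_version is version('11', '>=')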
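# fail2ban is included from Debian 9 on, while every firewall task in this
# file is gated on Debian 11+: on Debian 9 and 10 nothing here sets up a
# packet filter, so those hosts rely on whatever is configured elsewhere.
# NOTE(review): the iptables package is removed on 11+, so fail2ban.yml
# presumably has to use an nftables ban action there; confirm in that file.
- name: Configure fail2ban
  ansible.builtin.include_tasks: fail2ban.yml
  when: ansible_distribution_major_version is version('9', '>=')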
# vim: set sw=2 ts=2: