--- - name: "[Alpine] Install Package: nftables" apk: name: nftables state: present update_cache: yes when: - ansible_distribution == "Alpine" - network.nftables.enable is true - name: "[Archlinux] Install Package: nftables" pacman: name: nftables state: present update_cache: yes when: - ansible_distribution == "Archlinux" - network.nftables.enable is true - name: "[Alpine] Create file: /etc/nftables.nft" copy: src: "{{ network.nftables.configFile | default('nftables-config.nft') }}" dest: /etc/nftables.nft mode: 0644 register: nftablesConfig when: - ansible_distribution == "Alpine" - network.nftables.enable is true - name: "[Archlinux] Create file: /etc/nftables.conf" copy: src: "{{ network.nftables.configFile | default('nftables-config.nft') }}" dest: /etc/nftables.conf mode: 0644 register: nftablesConfig when: - ansible_distribution == "Archlinux" - network.nftables.enable is true - name: "[Archlinux] Create directory: /etc/nftables.d" file: state: directory path: /etc/nftables.d mode: 0755 when: - ansible_distribution == "Archlinux" - network.nftables.enable is true - name: "[OpenRC] Enable and start service: nftables" service: name: nftables enabled: yes state: started when: - ansible_service_mgr == "openrc" - network.nftables.enable is true - name: "[systemd] Enable and start service: nftables" systemd: name: nftables enabled: yes state: started when: - ansible_service_mgr == "systemd" - network.nftables.enable is true - name: "[OpenRC] Restart service: nftables (to deploy new config)" service: name: nftables state: restarted when: - ansible_service_mgr == "openrc" - network.nftables.enable is true - nftablesConfig.changed - name: "[systemd] Restart service: nftables (to deploy new config)" systemd: name: nftables state: restarted when: - ansible_service_mgr == "systemd" - network.nftables.enable is true - nftablesConfig.changed