1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
---
- name: "[nftables] Create rule for: nginx(http & https)"
copy:
src: nftables-rule.nft
dest: /etc/nftables.d/nginx.nft
notify: "Restart nftables"
when:
- services.nginx.sslOnly is false
- name: "[nftables] Create rule for: nginx(https only)"
copy:
src: nftables-rule_httpsOnly.nft
dest: /etc/nftables.d/nginx.nft
notify: "Restart nftables"
when:
- services.nginx.sslOnly is true