diff options
| -rw-r--r-- | roles/common/tasks/firewall.yml | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/roles/common/tasks/firewall.yml b/roles/common/tasks/firewall.yml index fd1ad92..30f4fa9 100644 --- a/roles/common/tasks/firewall.yml +++ b/roles/common/tasks/firewall.yml @@ -1,27 +1,27 @@ - name: Install nftables apt: pkg=nftables - name: Copy /usr/local/sbin/update-firewall copy: src=usr/local/sbin/update-firewall dest=/usr/local/sbin/update-firewall owner=root group=staff mode=0755 - name: Copy /etc/nftables.conf template: src=etc/nftables.conf.j2 dest=/etc/nftables.conf owner=root group=root mode=0644 - name: Ensure the firewall is up to date command: /usr/local/sbin/update-firewall -c register: rv # A non-zero return value will make ansible stop and show stderr. This # is what we want. - changed_when: rv.rc + changed_when: rv.rc != 0 - name: Enable nftables.service service: name=nftables enabled=yes - name: Start nftables.service service: name=nftables state=started |