---

- name: Install nftables
  ansible.builtin.apt:
    state: present
    update_cache: true
    pkg:
      - nftables


- name: Add nftables configuration
  ansible.builtin.template:
    src: nftables.conf.j2
    dest: /etc/nftables.conf
    owner: root
    group: root
    mode: "0644"
  notify:
    nftables_reload

- name: Enable nftables service
  ansible.builtin.service:
    name: nftables
    enabled: true
    state: started