2022-01-02 17:16:29 +01:00
|
|
|
---
|
|
|
|
{%- from "nftables/map.jinja" import nftables with context %}
|
|
|
|
nftables-config-dir:
|
|
|
|
file.directory:
|
|
|
|
- name: {{ nftables.config_dir }}
|
|
|
|
|
|
|
|
nftables-blacklist-config:
|
|
|
|
file.managed:
|
|
|
|
- name: {{ nftables.config_dir }}/blacklist.nft
|
2022-01-06 23:18:36 +01:00
|
|
|
- source: salt://nftables/templates/blacklist.nft.j2
|
2022-01-02 17:39:23 +01:00
|
|
|
- template: jinja
|
2022-01-02 17:16:29 +01:00
|
|
|
- watch_in:
|
|
|
|
- service: nftables-service
|
|
|
|
- require:
|
|
|
|
- pkg: nftables-pkg
|
|
|
|
- file: nftables-config-dir
|
|
|
|
|
|
|
|
nftables-rules-config:
|
|
|
|
file.managed:
|
|
|
|
- name: {{ nftables.config_dir }}/rules.nft
|
2022-01-06 23:18:36 +01:00
|
|
|
- source: salt://nftables/templates/rules.nft.j2
|
2022-01-02 17:16:29 +01:00
|
|
|
- template: jinja
|
|
|
|
- watch_in:
|
|
|
|
- service: nftables-service
|
|
|
|
- require:
|
|
|
|
- pkg: nftables-pkg
|
|
|
|
- file: nftables-config-dir
|
|
|
|
|
|
|
|
nftables-main-config:
|
|
|
|
file.managed:
|
|
|
|
- name: /etc/nftables.conf
|
2022-01-06 23:18:36 +01:00
|
|
|
- source: salt://nftables/templates/nftables.conf.j2
|
2022-01-02 17:16:29 +01:00
|
|
|
- template: jinja
|
|
|
|
- watch_in:
|
|
|
|
- service: nftables-service
|
|
|
|
- require:
|
|
|
|
- file: nftables-rules-config
|
|
|
|
- pkg: nftables-pkg
|