---
# This role deploys firewall rulesets to Ubuntu hosts

- name: Make sure iptables and netfilter-persistent are installed
  apt:
    name: "{{ packages }}"
    state: latest
  vars:
    packages:
    - iptables-persistent
    - netfilter-persistent
    - ipset

- name: Copy IPv4 ruleset
  copy:
    src: "{{ ansible_fqdn }}.rules.v4"
    dest: /etc/iptables/rules.v4
  notify:
    - restart netfilter-persistent-v4

- name: Copy IPv6 ruleset
  copy:
    src: "{{ ansible_fqdn }}.rules.v6"
    dest: /etc/iptables/rules.v6
  notify:
    - restart netfilter-persistent-v6