init.sls 510 B

1234567891011121314151617181920212223242526272829
  1. #
  2. # nftables state
  3. #
  4. nftables:
  5. pkg.installed:
  6. - name: nftables
  7. service.running:
  8. - enable: true
  9. - reload: true
  10. /etc/nftables.conf:
  11. file.managed:
  12. - source: salt://nftables/nftables.conf.tmpl
  13. - template: jinja
  14. - mode: 755
  15. - require:
  16. - pkg: nftables
  17. - watch_in:
  18. - service: nftables
  19. purge-iptables:
  20. pkg.purged:
  21. - pkgs:
  22. - iptables-persistent
  23. {%- if not 'docker' in salt['pillar.get']('nodes:' ~ grains['id'] ~ ':roles', []) %}
  24. - iptables
  25. {%- endif %}