{"id":27088993,"url":"https://github.com/devops-works/ansible-nftables","last_synced_at":"2026-01-19T22:01:23.133Z","repository":{"id":58850312,"uuid":"495467402","full_name":"devops-works/ansible-nftables","owner":"devops-works","description":"Ansible role for nftables","archived":false,"fork":false,"pushed_at":"2025-08-15T19:19:45.000Z","size":32,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-08-15T21:43:59.995Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devops-works.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2022-05-23T15:25:38.000Z","updated_at":"2025-08-15T19:19:46.000Z","dependencies_parsed_at":"2025-08-15T21:07:16.219Z","dependency_job_id":"65ef7d2a-ae80-4b59-88d4-61c53a2c0e95","html_url":"https://github.com/devops-works/ansible-nftables","commit_stats":null,"previous_names":[],"tags_count":12,"template":false,"template_full_name":null,"purl":"pkg:github/devops-works/ansible-nftables","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-works%2Fansible-nftables","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-works%2Fansible-nftables/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-works%2Fansible-nftables/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-works%2Fansible-nftables/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devops-works","download_url":"https://codeload.github.com/devops-works/ansible-nftables/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-works%2Fansible-nftables/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28587043,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-19T20:45:59.482Z","status":"ssl_error","status_checked_at":"2026-01-19T20:45:41.500Z","response_time":67,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-04-06T06:37:13.303Z","updated_at":"2026-01-19T22:01:23.111Z","avatar_url":"https://github.com/devops-works.png","language":"Jinja","readme":"# nftable role\n\n| Branch        | Status          |\n| :-----------: | :-------------: |\n| [master](https://github.com/devops-works/ansible-nftables) | ![Build status](https://github.com/devops-works/ansible-nftables/actions/workflows/test.yml/badge.svg) |\n\n## Variables\n\n- `nft_ansible_controllers_v4` (default `[]`): list of ansible/ssh controllers\n  to open ssh for (v4)\n- `nft_ansible_controllers_v6` (default `[]`): list of ansible/ssh controllers\n  to open ssh for (v6)\n- `nft_auto_whitelist` (default `false`): whether to auto-whitelist all hosts\n  in play\n- `nft_ssh_ports` (default `[22,22222]`): SSH ports to open for ansible/ssh\n  controllers\n\n## Test\n\n```bash\nmolecule test\n```\n\n## Usage\n\n### Base deploy\n\nYou can call this role to install nftables and deploy base rules like so:\n\n```yaml\n- hosts: all\n  become: true\n  gather_facts: true\n  roles:\n    - ansible-nftables\n```\n\nThis will deploy base rules, and open SSH for hosts listed in\n`nft_ansible_controllers_v4` and  `nft_ansible_controllers_v6`.\n\nIf nft_auto_whitelist is set to true, it will also whitelist servers listed in\ninventory.\n\n## Custom rule\n\nIf you need to add a specific rule for a service, you can call the role in\n\"single rule mode\" by setting `nft_add_input_rule`:\n\n```yaml\n# - deploy a web server for instance\n- role: ansible-nftables\n  nft_add_input_rule:\n    - type: 'dport_accept'\n      protocol: 'tcp'\n      dports: [ '80', '443' ]\n      saddrs: [ '0.0.0.0/0', '::/0' ]\n      weight: '90'\n      comment: \"allow HTTP \u0026 HTTPS in (v4/v6)\"\n      name: 'web_clients_accept'\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-works%2Fansible-nftables","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevops-works%2Fansible-nftables","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-works%2Fansible-nftables/lists"}