---
- name: Remove firewalld
  ansible.builtin.package:
    name: firewalld
    state: removed

- name: Install packages
  ansible.builtin.package:
    name: nftables
    state: installed

- name: Create config
  ansible.builtin.template:
    src: nftables.conf.j2
    dest: /etc/sysconfig/nftables.conf
    mode: "0600"
    owner: root
    group: "{{ ansible_wheel }}"
    validate: "nft -c -f %s"
  notify: Reload nftables

- name: Enable service
  ansible.builtin.service:
    name: nftables
    state: started
    enabled: true