Diffstat (limited to 'roles/pf/tasks/main.yml')
-rw-r--r--roles/pf/tasks/main.yml25
1 files changed, 25 insertions, 0 deletions
diff --git a/roles/pf/tasks/main.yml b/roles/pf/tasks/main.yml
new file mode 100644
index 0000000..4fafb77
--- /dev/null
+++ b/roles/pf/tasks/main.yml
@@ -0,0 +1,25 @@
+- name: generate pf configuration
+ template:
+ src: pf.conf.j2
+ dest: "{{ pf_configuration_file }}"
+ owner: 0
+ group: 0
+ mode: 0600
+ notify:
+ - lint pf configuration
+
+- name: enable pf
+ command: pfctl -e
+ register: result
+ failed_when:
+ - result.rc != 0
+ - "'already enabled' not in result.stderr"
+
+- name: restart pf
+ command: pfctl -f "{{ pf_configuration_file }}"
+
+- name: test ssh connection on new pf rule
+ wait_for:
+ port: 22
+ delay: 2
+ state: started
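Review bot: The `restart pf` task loads the rendered ruleset with `pfctl -f` before anything has checked it, because the `lint pf configuration` handler notified by the template task normally runs only at the end of the play (the handler itself is not visible in this file). Adding `validate: pfctl -nf %s` to the template task would have the file parsed before it is written to `pf_configuration_file`, so a broken ruleset never reaches the load step. The final `wait_for` runs on the managed host and defaults to 127.0.0.1, so it appears to confirm only that sshd is listening locally, not that the new rules still admit inbound SSH; `delegate_to: localhost` with `host: "{{ inventory_hostname }}"` would exercise the path a lockout would actually break. Quoting the mode as `mode: "0600"` would also avoid relying on YAML octal parsing.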