From fe86852d77578a5ff9cf17b82e0ebd9df43014b0 Mon Sep 17 00:00:00 2001
From: Brendan Shephard
Date: Mon, 11 Nov 2024 14:51:49 +1000
Subject: [PATCH] Inject user provided nft rules

This change ensures that user provided rules are injected into the edpm_nftables_src directory and loaded during rule generation. The change adds a new variable to facilitate a user interface for rule injection edpm_nftables_user_rules.

Signed-off-by: Brendan Shephard
---
 roles/edpm_nftables/tasks/configure.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/roles/edpm_nftables/tasks/configure.yml b/roles/edpm_nftables/tasks/configure.yml
index 849583176..9864a161c 100644
--- a/roles/edpm_nftables/tasks/configure.yml
+++ b/roles/edpm_nftables/tasks/configure.yml
@@ -31,6 +31,12 @@
 src: base-rules.yaml.j2
 mode: "0644"
 
+ - name: Write user rules snippet
+ ansible.builtin.copy:
+ dest: "{{ edpm_nftables_src }}/edpm-nftables-user-rules.yaml"
+ content: "{{ edpm_nftables_user_rules }}"
+ mode: "0644"
+
 - name: IPtables compatibility layout
 become: true
 block:
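Review bot: Nothing checks that `edpm_nftables_user_rules` is defined or well-formed before the `Write user rules snippet` task writes it into `edpm_nftables_src`, where the commit message says it is loaded during rule generation. The patch touches only configure.yml, so unless a default is declared elsewhere an unset variable fails this task on every host. A value that is empty or has the wrong structure is written as-is and only surfaces later, when the firewall ruleset is generated. I would put an `ansible.builtin.assert` ahead of the copy, starting from `that: edpm_nftables_user_rules is defined` and extended with whatever shape check matches the other snippets in that directory. I would also add a comment on the task such as `# Operator-supplied rules; merged into the generated nftables ruleset, so validate before writing`. The surrounding task list begins and ends outside the hunk, so file ownership and privilege escalation for this task cannot be confirmed from here.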