From d117edc6d16d9eb0d2f4f20aa716a28c20000de2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Hannes=20K=C3=B6rber?= <hannes@hkoerber.de>
Date: Sat, 11 May 2024 10:47:02 +0200
Subject: [PATCH] Reintroduce fixed iptables workaround

---
 playbook.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/playbook.yml b/playbook.yml
index 18aa493..1338f23 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -154,6 +154,19 @@
             file: packages.yml
             name: defined_packages
 
+        - name: force-update iptables to iptables-nft on arch
+          shell: |
+            if ! pacman -Qi iptables | grep '^Name.*iptables-nft' ; then
+              # --noconfirm does not cut it
+              yes | pacman -S iptables-nft
+              exit 100
+            fi
+            exit 0
+          become: true
+          register: force_install_iptables
+          changed_when: force_install_iptables.rc == 100
+          failed_when: force_install_iptables.rc not in (0, 100)
+
         - set_fact:
             distro_packages: "{{ defined_packages|json_query('*.%s'|format(distro)) }}"