commit 0236cddce716b4f7c8275648365ed753a7f1b4c7
Author: eric o meehan
Date: Thu Aug 8 11:11:37 2024 -0400
v0.0.1
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..5a76da2
--- /dev/null
+++ b/README.md
@@ -0,0 +1,37 @@
+Debian
+=========
+
+Initial configuration of a Debian node.
+
+Requirements
+------------
+
+None.
+
+Role Variables
+--------------
+
+is_new_host: boolean value to toggle non-idempotent steps (creating preseeds and editing the motd)
+
+Dependencies
+------------
+
+None.
+
+Example Playbook
+----------------
+
+ - hosts: servers
+ roles:
+ - { role: ericomeehan.debian, is_new_host: true }
+
+License
+-------
+
+BSD
+
+Author Information
+------------------
+
+Eric O'Neill Meehan
+https://www.eom.dev/
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..e8b4f9c
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+# defaults file for ericomeehan.debian
+is_new_host: false
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..84098ea
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,2 @@
+---
+# handlers file for ericomeehan.debian
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..c572acc
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,52 @@
+galaxy_info:
+ author: your name
+ description: your role description
+ company: your company (optional)
+
+ # If the issue tracker for your role is not on github, uncomment the
+ # next line and provide a value
+ # issue_tracker_url: http://example.com/issue/tracker
+
+ # Choose a valid license ID from https://spdx.org - some suggested licenses:
+ # - BSD-3-Clause (default)
+ # - MIT
+ # - GPL-2.0-or-later
+ # - GPL-3.0-only
+ # - Apache-2.0
+ # - CC-BY-4.0
+ license: license (GPL-2.0-or-later, MIT, etc)
+
+ min_ansible_version: 2.1
+
+ # If this a Container Enabled role, provide the minimum Ansible Container version.
+ # min_ansible_container_version:
+
+ #
+ # Provide a list of supported platforms, and for each platform a list of versions.
+ # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+ # To view available platforms and versions (or releases), visit:
+ # https://galaxy.ansible.com/api/v1/platforms/
+ #
+ # platforms:
+ # - name: Fedora
+ # versions:
+ # - all
+ # - 25
+ # - name: SomePlatform
+ # versions:
+ # - all
+ # - 1.0
+ # - 7
+ # - 99.99
+
+ galaxy_tags: []
+ # List tags for your role here, one per line. A tag is a keyword that describes
+ # and categorizes the role. Users find roles by searching for tags. Be sure to
+ # remove the '[]' above, if you add tags to this list.
+ #
+ # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+ # Maximum 20 tags per role.
+
+dependencies: []
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..d575817
--- /dev/null
+++ b/tasks/main.yml
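Review bot: meta/main.yml still carries the `ansible-galaxy init` placeholders — `author: your name`, `description: your role description`, `license: license (GPL-2.0-or-later, MIT, etc)` — which contradict the README's BSD license and Debian scope and are likely to be flagged by the Galaxy importer. Fill them in from the README (`author: Eric O'Neill Meehan`, `license: BSD-3-Clause`, a one-line `description`) and list Debian under `platforms` instead of leaving the commented Fedora sample. `min_ansible_version: 2.1` is read as a YAML float, so write it as the string `min_ansible_version: "2.1"`. `company: your company (optional)` should be dropped rather than left as placeholder text.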
@@ -0,0 +1,53 @@
+---
+# tasks file for ericomeehan.debian
+- name: Update apt
+ apt:
+ update_cache: yes
+
+- name: Install debconf-utils
+ when: is_new_host == true
+ apt:
+ name: debconf-utils
+ state: present
+
+- name: Create preseed file
+ when: is_new_host == true
+ shell: echo "#_preseed_V1" > /root/preseed.txt
+
+- name: Append installer's debconf database to the preseed file
+ when: is_new_host == true
+ shell: debconf-get-selections --installer >> /root/preseed.txt
+
+- name: Append debconf database to the preseed file
+ when: is_new_host == true
+ shell: debconf-get-selections >> /root/preseed.txt
+
+- name: Append text from files/motd to the beginning of remote motd file
+ when: is_new_host == true
+ blockinfile:
+ path: /etc/motd
+ marker: ""
+ block: |
+ {{ lookup('file', 'files/motd') }}
+
+- name: Copy nftables configuration template
+ template:
+ src: "nftables.conf.j2"
+ dest: /etc/nftables.conf
+
+- name: Enable nftables
+ service:
+ name: nftables
+ state: started
+ enabled: true
+
+- name: Install prometheus node exporter
+ apt:
+ name: prometheus-node-exporter
+ state: present
+
+- name: Enable prometheus node exporter
+ service:
+ name: prometheus-node-exporter
+ state: started
+ enabled: true
diff --git a/templates/nftables.conf.j2 b/templates/nftables.conf.j2
new file mode 100755
index 0000000..3ef5832
--- /dev/null
+++ b/templates/nftables.conf.j2
@@ -0,0 +1,18 @@
+#!/usr/sbin/nft -f
+
+flush ruleset
+
+table inet filter {
+ chain input {
+ type filter hook input priority filter;
+{% for port in open_ports %}
+ iifname "{{ port.interface }}" {{ port.protocol }} dport {{ port.port }} accept;
+{% endfor %}
+ }
+ chain forward {
+ type filter hook forward priority filter;
+ }
+ chain output {
+ type filter hook output priority filter;
+ }
+}
diff --git a/tests/inventory b/tests/inventory
new file mode 100644
index 0000000..878877b
--- /dev/null
+++ b/tests/inventory
@@ -0,0 +1,2 @@
+localhost
+
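Review bot: A changed /etc/nftables.conf is never loaded on an already-running host, because the `Enable nftables` task that follows `Copy nftables configuration template` only asserts `state: started` and handlers/main.yml is empty; the template task needs `notify: Restart nftables` together with a handler `- name: Restart nftables` using `service: { name: nftables, state: restarted }`. The preseed tasks build /root/preseed.txt through shell redirection, so its mode comes from the remote shell's umask while `debconf-get-selections` output may include password-type answers; creating the file with `copy`, `mode: "0600"` and `force: false` keeps that output root-only and stops a repeated `is_new_host` run from truncating it. `when: is_new_host == true` reads more clearly as `when: is_new_host | bool`, and `update_cache: yes` should be `update_cache: true` (yamllint truthy rule).
```yaml
# … unchanged: Update apt / Install debconf-utils …

- name: Create preseed file
  when: is_new_host | bool
  copy:
    content: "#_preseed_V1\n"
    dest: /root/preseed.txt
    mode: "0600"
    force: false

# … unchanged: debconf-get-selections appends, motd block …

- name: Copy nftables configuration template
  template:
    src: "nftables.conf.j2"
    dest: /etc/nftables.conf
    mode: "0600"
    validate: nft -c -f %s
  notify: Restart nftables

# … unchanged: Enable nftables, node exporter tasks …
```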
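Review bot: The `input` chain declares no `policy`, so nftables falls back to accept and the per-entry `accept` rules rendered from `open_ports` restrict nothing — after `flush ruleset` every inbound port is still reachable. Give the chain `policy drop;` and, before the loop, accept loopback and `ct state established,related` traffic (plus ICMP/ICMPv6 if the hosts should stay reachable by ping), and make sure the `open_ports` supplied to the role includes the SSH entry so the play does not cut off its own session. `open_ports` is also not declared in defaults/main.yml, so the template task fails with an undefined variable unless every inventory supplies it; `open_ports: []` there is a safe default once the policy is drop.
```jinja
    chain input {
        type filter hook input priority filter; policy drop;
        iif "lo" accept
        ct state established,related accept
        ct state invalid drop
        meta l4proto { icmp, ipv6-icmp } accept
{% for port in open_ports %}
        iifname "{{ port.interface }}" {{ port.protocol }} dport {{ port.port }} accept
{% endfor %}
    }
# … unchanged: forward and output chains …
```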
diff --git a/tests/test.yml b/tests/test.yml
new file mode 100644
index 0000000..fed2470
--- /dev/null
+++ b/tests/test.yml
@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+ remote_user: root
+ roles:
+ - ericomeehan.debian
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..3f3153b
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,2 @@
+---
+# vars file for ericomeehan.debian