---
- name: Test for cmdline path
  command: grep -E "console=|rootfstype" /boot/cmdline.txt
  register: boot_cmdline_path
  failed_when: false
  changed_when: false

- name: Set path to cmdline based on test
  set_fact:
    cmdline_path: "{{ (boot_cmdline_path.rc == 0) | ternary('/boot/cmdline.txt', '/boot/firmware/cmdline.txt') }}"

- name: Activating cgroup support
  lineinfile:
    path: "{{ cmdline_path }}"
    regexp: '^((?!.*\bcgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory\b).*)$'
    line: '\1 cgroup_enable=cpuset cgroup_memory=1 cgroup_enable=memory'
    backrefs: true
  notify: reboot

- name: Install iptables
  apt:
    name: iptables
    state: present

- name: Flush iptables before changing to iptables-legacy
  iptables:
    flush: true

- name: Changing to iptables-legacy
  community.general.alternatives:
    path: /usr/sbin/iptables-legacy
    name: iptables
  register: ip4_legacy

- name: Changing to ip6tables-legacy
  community.general.alternatives:
    path: /usr/sbin/ip6tables-legacy
    name: ip6tables
  register: ip6_legacy