25 lines
511 B
YAML
25 lines
511 B
YAML
---
|
|
# Configure UFW firewall
|
|
|
|
- name: Set UFW default deny incoming
|
|
community.general.ufw:
|
|
direction: incoming
|
|
policy: deny
|
|
|
|
- name: Set UFW default allow outgoing
|
|
community.general.ufw:
|
|
direction: outgoing
|
|
policy: allow
|
|
|
|
- name: Allow required ports
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "{{ item.port | string }}"
|
|
proto: "{{ item.proto }}"
|
|
comment: "{{ item.comment }}"
|
|
loop: "{{ ufw_allowed_ports }}"
|
|
|
|
- name: Enable UFW
|
|
community.general.ufw:
|
|
state: enabled
|