ansible-base/roles/ufw/tasks/main.json

[
	{
		"name": "install ufw",
		"become": true,
		"ansible.builtin.apt": {
			"update_cache": true,
			"pkg": [
				"ufw"
			]
		}
	},
	{
		"name": "ufw deny incoming",
		"become": true,
		"community.general.ufw": {
			"direction": "incoming",
			"proto": "any",
			"policy": "deny"
		}
	},
	{
		"name": "ufw allow outgoing",
		"become": true,
		"community.general.ufw": {
			"direction": "outgoing",
			"proto": "any",
			"policy": "allow"
		}
	},
	{
		"name": "ufw allow and rate-limit ssh",
		"become": true,
		"community.general.ufw": {
			"rule": "limit",
			"name": "ssh"
		}
	},
	{
		"name": "enable ufw service",
		"become": true,
		"community.general.ufw": {
			"state": "enabled"
		}
	}
]
Add ufw role - Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports 2024-04-20 17:08:39 +02:00			`[`
			`{`
			`"name": "install ufw",`
			`"become": true,`
			`"ansible.builtin.apt": {`
			`"update_cache": true,`
			`"pkg": [`
			`"ufw"`
			`]`
			`}`
			`},`
			`{`
			`"name": "ufw deny incoming",`
[fix] role:ufw:add missing become:true directives [mod] role:ufw:use fully qualified names for ansible tasks 2024-06-01 13:49:11 +02:00			`"become": true,`
			`"community.general.ufw": {`
Add ufw role - Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports 2024-04-20 17:08:39 +02:00			`"direction": "incoming",`
			`"proto": "any",`
			`"policy": "deny"`
			`}`
			`},`
			`{`
			`"name": "ufw allow outgoing",`
[fix] role:ufw:add missing become:true directives [mod] role:ufw:use fully qualified names for ansible tasks 2024-06-01 13:49:11 +02:00			`"become": true,`
			`"community.general.ufw": {`
Add ufw role - Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports 2024-04-20 17:08:39 +02:00			`"direction": "outgoing",`
			`"proto": "any",`
			`"policy": "allow"`
			`}`
			`},`
			`{`
			`"name": "ufw allow and rate-limit ssh",`
[fix] role:ufw:add missing become:true directives [mod] role:ufw:use fully qualified names for ansible tasks 2024-06-01 13:49:11 +02:00			`"become": true,`
			`"community.general.ufw": {`
Add ufw role - Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports 2024-04-20 17:08:39 +02:00			`"rule": "limit",`
			`"name": "ssh"`
			`}`
			`},`
			`{`
			`"name": "enable ufw service",`
[fix] role:ufw:add missing become:true directives [mod] role:ufw:use fully qualified names for ansible tasks 2024-06-01 13:49:11 +02:00			`"become": true,`
			`"community.general.ufw": {`
Add ufw role - Enable ufw and by default deny incoming traffic - in other roles: if ufw (role) is enabled, then allow necessary ports 2024-04-20 17:08:39 +02:00			`"state": "enabled"`
			`}`
			`}`
			`]`