21 lines
311 B
YAML
21 lines
311 B
YAML
|
---
|
||
|
|
||
|
- name: "update cache"
|
||
|
apt:
|
||
|
update_cache: yes
|
||
|
|
||
|
- name: "install ufw"
|
||
|
apt:
|
||
|
name: ufw
|
||
|
|
||
|
- name: deny everything and enable UFW
|
||
|
community.general.ufw:
|
||
|
state: enabled
|
||
|
policy: deny
|
||
|
|
||
|
- name: allow sshd port
|
||
|
community.general.ufw:
|
||
|
rule: allow
|
||
|
port: "{{ sshd_port }}"
|
||
|
proto: tcp
|