35 lines
718 B
YAML
35 lines
718 B
YAML
- name: Nginx
|
|
hosts: pi
|
|
become: true
|
|
tasks:
|
|
- name: Install ufw
|
|
ansible.builtin.apt:
|
|
name: ufw
|
|
state: present
|
|
|
|
- name: Allow SSH
|
|
community.general.ufw:
|
|
rule: allow
|
|
name: OpenSSH
|
|
|
|
- name: UFW - Allow HTTP connections
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "80"
|
|
proto: tcp
|
|
|
|
- name: UFW - Allow HTTPS connections
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: "443"
|
|
proto: tcp
|
|
|
|
- name: UFW - Enable and deny by default
|
|
community.general.ufw:
|
|
state: enabled
|
|
default: deny
|
|
|
|
- name: UFW - Reload firewall
|
|
changed_when: true
|
|
ansible.builtin.command: ufw reload
|