From 304dc483b6ec18b688ef136e29b7bba001e98774 Mon Sep 17 00:00:00 2001
From: Aravinth Manivannan <realaravinth@batsense.net>
Date: Thu, 17 Aug 2023 04:57:33 +0530
Subject: [PATCH] feat: ansible: install and open ssh port using ufw

---
 ansible/roles/ufw/tasks/main.yml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 ansible/roles/ufw/tasks/main.yml

diff --git a/ansible/roles/ufw/tasks/main.yml b/ansible/roles/ufw/tasks/main.yml
new file mode 100644
index 0000000..03c940c
--- /dev/null
+++ b/ansible/roles/ufw/tasks/main.yml
@@ -0,0 +1,26 @@
+- name: Install ufw
+  become: true
+  ansible.builtin.apt:
+    update_cache: true
+    pkg:
+      - ufw
+
+- name: Set logging
+  become: true
+  community.general.ufw:
+    logging: "on"
+
+- name: Allow port 22 and enable UFW
+  become: true
+  community.general.ufw:
+    state: enabled
+    rule: allow
+    proto: tcp
+    port: "22"
+
+- name: Enable and start ufw service
+  become: true
+  ansible.builtin.service:
+    name: ufw
+    enabled: true
+    state: started