From 4a81e7d591606cd7ea642759320974828c81db37 Mon Sep 17 00:00:00 2001
From: Aravinth Manivannan <realaravinth@batsense.net>
Date: Mon, 11 Dec 2023 14:30:54 +0530
Subject: [PATCH] feat: rm ufw

configuring a firewall is external to installing mCaptcha, since we use
standard HTTP ports only. Should also make testing with woodpecker CI
easy.
---
 ansible/base.yml     | 3 ---
 ansible/locust.yml   | 2 ++
 ansible/mcaptcha.yml | 9 ---------
 3 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/ansible/base.yml b/ansible/base.yml
index 401a6a7..a82de8c 100644
--- a/ansible/base.yml
+++ b/ansible/base.yml
@@ -8,8 +8,6 @@
   pre_tasks:
     - name: Ensure all VMs are reachable
       ansible.builtin.ping:
-  roles:
-    - ufw
 
   tasks:
     - name: Install git, zip, nginx, wget, curl & other utils
@@ -27,4 +25,3 @@
           - python3-pip
           - virtualenv
           - python3-setuptools
-          - ufw
diff --git a/ansible/locust.yml b/ansible/locust.yml
index 401980d..5ca2861 100644
--- a/ansible/locust.yml
+++ b/ansible/locust.yml
@@ -4,6 +4,8 @@
 # SPDX-License-Identifier: AGPL-3.0-or-later
 - name: Base configuration
   ansible.builtin.import_playbook: base.yml
+  roles:
+    - ufw
 
 - name: Configure Locust instances
   hosts: [mcaptcha_dos]
diff --git a/ansible/mcaptcha.yml b/ansible/mcaptcha.yml
index 67ba5bb..45927d8 100644
--- a/ansible/mcaptcha.yml
+++ b/ansible/mcaptcha.yml
@@ -59,7 +59,6 @@
         cache_valid_time: 3600
         pkg:
           - nginx
-          - ufw
 
     - name: Copy nginx vhost
       become: true
@@ -83,11 +82,3 @@
       ansible.builtin.service:
         name: nginx
         state: restarted
-
-    - name: Allow port 80 and enable UFW
-      become: true
-      community.general.ufw:
-        state: enabled
-        rule: allow
-        proto: tcp
-        port: "80"