- name: Install Uncomplicated Firewall
  ansible.builtin.package:
    name: ufw
    state: present

- name: Allow OpenSSH inbound
  community.general.ufw:
    rule: allow
    name: OpenSSH # Uses standard profile located in /etc/ufw/applications.d

- name: Apply rate limiting to ssh inbound
  community.general.ufw:
    rule: limit
    port: ssh
    proto: tcp
  
- name: Enable ufw
  ansible.builtin.service:
    name: ufw
    state: started
    enabled: yes