22 lines
461 B
YAML
22 lines
461 B
YAML
- name: Install Uncomplicated Firewall
|
|
ansible.builtin.package:
|
|
name: ufw
|
|
state: present
|
|
|
|
- name: Allow OpenSSH inbound
|
|
community.general.ufw:
|
|
rule: allow
|
|
name: OpenSSH # Uses standard profile located in /etc/ufw/applications.d
|
|
|
|
- name: Apply rate limiting to ssh inbound
|
|
community.general.ufw:
|
|
rule: limit
|
|
port: ssh
|
|
proto: tcp
|
|
|
|
- name: Enable ufw
|
|
ansible.builtin.service:
|
|
name: ufw
|
|
state: started
|
|
enabled: yes
|