homelab/roles/base/tasks/firewall.yml

- name: Install the Uncomplicated Firewall
  apt:
    name: ufw
    state: present

- name: Install Fail2ban
  apt:
    name: fail2ban
    state: present

- name: Deny incoming traffic by default
  ufw:
    default: deny
    direction: incoming

- name: Allow outgoing traffic by default
  ufw:
    default: allow
    direction: outgoing

- name: Allow OpenSSH with rate limiting
  ufw:
    name: ssh
    rule: limit

- name: Enable firewall
  ufw:
    state: enabled
Add the ufw firewall 2022-05-27 20:29:27 +00:00			`- name: Install the Uncomplicated Firewall`
			`apt:`
			`name: ufw`
			`state: present`

Add Fail2ban to Gitea and Bitwarden 2022-05-28 06:31:41 +00:00			`- name: Install Fail2ban`
			`apt:`
			`name: fail2ban`
			`state: present`

Add the ufw firewall 2022-05-27 20:29:27 +00:00			`- name: Deny incoming traffic by default`
			`ufw:`
			`default: deny`
			`direction: incoming`

			`- name: Allow outgoing traffic by default`
			`ufw:`
			`default: allow`
			`direction: outgoing`

			`- name: Allow OpenSSH with rate limiting`
			`ufw:`
			`name: ssh`
			`rule: limit`

			`- name: Enable firewall`
			`ufw:`
			`state: enabled`