From 7677bc25fa692e3d645ad852c8564de9ebfcaf33 Mon Sep 17 00:00:00 2001
From: Kris Lamoureux <kris@lamoureux.io>
Date: Sat, 13 Aug 2022 00:19:24 -0400
Subject: [PATCH] Add WireGuard firewall rule

---
 roles/base/tasks/wireguard.yml | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/roles/base/tasks/wireguard.yml b/roles/base/tasks/wireguard.yml
index 698c560..21a3be1 100644
--- a/roles/base/tasks/wireguard.yml
+++ b/roles/base/tasks/wireguard.yml
@@ -27,3 +27,10 @@
     name: wg-quick@wg0
     state: started
     enabled: true
+
+- name: Add WireGuard firewall rule
+  ufw:
+    rule: allow
+    port: "{{ wireguard.listenport }}"
+    proto: tcp
+  when: wireguard.listenport is defined