From 3cc6801c8089aab6e3304ef7933847a9e7a61c3b Mon Sep 17 00:00:00 2001
From: Simon Cornet
Date: Tue, 22 Jul 2025 11:40:42 +0200
Subject: [PATCH] feat: use union to unify the firewall creation rule
---
 tasks/firewall.yaml | 21 ++++-----------------
 1 file changed, 4 insertions(+), 17 deletions(-)
diff --git a/tasks/firewall.yaml b/tasks/firewall.yaml
index 12d6cbf..32b289f 100644
--- a/tasks/firewall.yaml
+++ b/tasks/firewall.yaml
@@ -9,8 +9,7 @@
 - name: "set vars"
 ansible.builtin.set_fact:
 __firewall_enable: "{{ firewall_enable }}"
- __firewall_basic_rules: "{{ firewall_basic_rules }}"
- __firewall_host_rules: "{{ firewall_host_rules }}"
+ __firewall_all_rules: "{{ firewall_basic_rules | union(firewall_host_rules)}}"
 # manage firewall for debian
 - name: "firewall - debian family"
@@ -54,26 +53,14 @@
 policy: "deny"
 logging: "on"
- # basic firewall rules
- - name: "firewall - add basic rules"
+ # firewall rules
+ - name: "firewall - add rules"
 community.general.ufw:
 rule: "allow"
 direction: "in"
 proto: "{{ item.proto | default('tcp') }}"
 from_ip: "{{ item.from_ip }}"
 to_port: "{{ item.to_port }}"
- loop: "{{ __firewall_basic_rules }}"
- loop_control:
- label: " {{ item.name }}"
-
- # host firewall rules
- - name: "firewall - add host rules"
- community.general.ufw:
- rule: "allow"
- direction: "in"
- proto: "{{ item.proto | default('tcp') }}"
- from_ip: "{{ item.from_ip }}"
- to_port: "{{ item.to_port }}"
- loop: "{{ __firewall_host_rules }}"
+ loop: "{{ __firewall_all_rules }}"
 loop_control:
 label: " {{ item.name }}"
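Review bot: The new `__firewall_all_rules` expression in the `set vars` task fails the whole play at `set_fact` if `firewall_host_rules` is undefined, and it is missing the space before the closing `}}` that ansible-lint's `jinja[spacing]` rule expects. If host rules are meant to be optional, `__firewall_all_rules: "{{ firewall_basic_rules | union(firewall_host_rules | default([])) }}"` covers both points; whether the role's defaults already define both lists is not visible in this hunk. Note also that `union` drops entries that are exact duplicates across the two lists, which is harmless for ufw but worth a short comment such as `# union() de-duplicates identical rule entries from both lists`.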
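Review bot: The merged `firewall - add rules` task only ever adds inbound `allow` entries, so a rule later removed from `firewall_basic_rules` or `firewall_host_rules` stays open on the host; nothing in this hunk deletes or resets rules, though the enclosing block starts above the hunk and may handle that. With both sources now going through one loop, recording the rule name in ufw makes stale or unexpected entries easier to audit in `ufw status`: add `comment: "{{ item.name }}"` under `community.general.ufw`. A comment above the loop such as `# additive only: rules removed from the vars are not deleted from ufw` would document the current behaviour.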