feat: use ansible block

2025-03-31 18:19:09 +02:00 · 2025-03-31 18:19:09 +02:00 · b5c819fb27
commit b5c819fb27
parent 7d762d095d
12 changed files with 399 additions and 424 deletions
--- a/tasks/firewall/firewall-rules-routed.yaml
+++ b/tasks/firewall/firewall-rules-routed.yaml
@ -1,26 +1,29 @@
 ---

 # basic firewall rules
- name: "firewall - allow incoming routed traffic"
-  community.general.ufw:
-    rule: "allow"
-    route: "yes"
-    src: "{{ item[0] }}"
-    dest: "{{ item[1] }}"
-  with_nested:
-    - "{{ __rule['source_nets'] }}"
-    - "{{ __rule['destination_nets'] }}"
-  tags:
-    - "firewall"
+- name: "basic firewall rules"
+  block:

- name: "firewall - allow outgoing routed traffic"
-  community.general.ufw:
-    rule: "allow"
-    route: "yes"
-    src: "{{ item[1] }}"
-    dest: "{{ item[0] }}"
-  with_nested:
-    - "{{ __rule['source_nets'] }}"
-    - "{{ __rule['destination_nets'] }}"
+    # basic firewall rules
+    - name: "firewall - allow incoming routed traffic"
+      community.general.ufw:
+        rule: "allow"
+        route: "yes"
+        src: "{{ item[0] }}"
+        dest: "{{ item[1] }}"
+      with_nested:
+        - "{{ __rule['source_nets'] }}"
+        - "{{ __rule['destination_nets'] }}"
+
+    - name: "firewall - allow outgoing routed traffic"
+      community.general.ufw:
+        rule: "allow"
+        route: "yes"
+        src: "{{ item[1] }}"
+        dest: "{{ item[0] }}"
+      with_nested:
+        - "{{ __rule['source_nets'] }}"
+        - "{{ __rule['destination_nets'] }}"
+        
  tags:
    - "firewall"