common/tasks/firewall/firewall-rules.yaml

---

# create firewall rule
- name: "firewall - allow {{ __rule['to_port'] }} from {{ __rule['from_ip'] }}"
  community.general.ufw:
    rule: "allow"
    direction: "in"
    proto: "{{ __rule['proto'] | default('tcp') }}"
    from_ip: "{{ __rule['from_ip'] }}"
    to_port: "{{ __rule['to_port'] }}"
  tags:
    - "firewall"