From d17e12fb94d3a582f18b52db0a90ceb659bfcb8c Mon Sep 17 00:00:00 2001
From: Ubergeek
Date: Sun, 3 Feb 2019 19:30:14 +0000
Subject: [PATCH] Added ansible rules for ufw
---
 roles/shell/tasks/main.yml | 1 +
 roles/shell/tasks/ufw.yml | 33 +++++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 roles/shell/tasks/ufw.yml
diff --git a/roles/shell/tasks/main.yml b/roles/shell/tasks/main.yml
index cfd300f..1047022 100644
--- a/roles/shell/tasks/main.yml
+++ b/roles/shell/tasks/main.yml
@@ -4,3 +4,4 @@
 - include: packages.yml
 - include: users.yml
 - include: apache2-mods.yml
+- include: ufw.yml
diff --git a/roles/shell/tasks/ufw.yml b/roles/shell/tasks/ufw.yml
new file mode 100644
index 0000000..f32edfb
--- /dev/null
+++ b/roles/shell/tasks/ufw.yml
@@ -0,0 +1,33 @@
+# Install our baseline packages for all machines, irrespective of what role they might have
+---
+- name: Create UFW tcp rules
+ ufw:
+ rule: allow
+ proto: tcp
+ port: '{{ item }}'
+ with_items:
+ - 22
+ - 443
+ - 80
+ - 143
+ - 25
+ - 79
+ - 2222
+
+- name: Create UFW udp rules
+ ufw:
+ rule: allow
+ proto: udp
+ port: '{{ item }}'
+ with_items:
+ - "60000:61000"
+ - 1326
+
+- name: Create limits
+ ufw:
+ rule: limit
+ proto: tcp
+ port: '{{ item }}'
+ with_items:
+ - 22
+ - 2222
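Review bot: Ports 22 and 2222 are in both the `allow` list of `Create UFW tcp rules` and the `limit` list of `Create limits`; ufw appears to keep a single rule per port and protocol, so each run would flip them to allow and then back to limit, reporting a change every time and leaving a short window without rate limiting. Removing `- 22` and `- 2222` from the allow list leaves only the limit rule, which still admits connections below the rate threshold. The new file also never enables ufw or sets a default incoming policy, so unless another role does that, these rules may not be enforced at all; the tasks below, placed after the rules so SSH stays reachable, would cover it. The header comment `# Install our baseline packages for all machines…` looks carried over from another task file and should describe the firewall rules instead.

```yaml
# … unchanged: allow and limit rule tasks …

- name: Deny incoming traffic by default
  ufw:
    direction: incoming
    policy: deny

- name: Enable UFW
  ufw:
    state: enabled
```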