# vim: ft=yaml.ansible
---
- name: Allow necessary ports in UFW
  community.general.ufw:
    rule: allow
    port: "{{ item.port }}"
    proto: "{{ item.proto }}"
    comment: "{{ item.comment }}"
  loop: "{{ open_ports }}"

- name: Enable UFW
  community.general.ufw:
    state: enabled
    policy: deny