change to ufw from firewalld

roles/common/tasks/firewalld.yaml

@@ -1,27 +0,0 @@
----
-- name: "Install Docker via apt"
-  apt:
-    update_cache: yes
-    state: present
-    name:
-     - firewalld
-
-- name: Start and enable firewalld
-  service:
-    name: firewalld
-    state: restarted
-    enabled: yes
-
-- name: Permit traffic in public zone for https service
-  ansible.posix.firewalld:
-    zone: public
-    service: https
-    permanent: yes
-    state: enabled
-
-- name: Permit traffic in public zone for ssh service
-  ansible.posix.firewalld:
-    zone: public
-    service: ssh
-    permanent: yes
-    state: enabled

roles/common/tasks/main.yaml

@@ -4,7 +4,7 @@
 - include_tasks: clean-motd.yaml
 - include_tasks: remove-snap.yaml
 - include_tasks: disable-cloudinit.yaml
-- include_tasks: firewalld.yaml
+- include_tasks: ufw.yaml
 - include_tasks: service-user.yaml
 - include_tasks: ssh-security-settings.yaml
 - include_tasks: timesync.yaml

roles/common/tasks/ufw.yaml

@@ -0,0 +1,20 @@
+---
+- name: "Install ufw via apt"
+  apt:
+    update_cache: yes
+    state: present
+    name:
+     - ufw
+
+- name: Enable ufw
+  community.general.ufw:
+    state: enabled
+
+- name: Reset ufw rules to default
+  community.general.ufw:
+    state: reset
+
+- name: Allow ssh via ufw
+  community.general.ufw:
+    rule: allow
+    port: ssh