Open ports for OpenSSH, WWW and XMPP

This commit enables the necessary ports for XMPP, web hosting (to allow certbot to renew automatically) and SSH.
author: Matthew Fennell <matthew@fennell.dev> 2024-01-07 11:56:42 +0000
committer: Matthew Fennell <matthew@fennell.dev> 2024-01-07 11:56:42 +0000
commit: 71e36164cae64494cdb91f537d65821c8e2e00f8 (patch)
tree: f5251e9626e0a469ef95242b0ab12947122b6aee
parent: 8093a955e3c6238cc14537a54c56277af6b89dc2 (diff)
2 files changed, 11 insertions, 1 deletions
diff --git a/README.md b/README.md
index 2cbab87..4547009 100644
--- a/README.md
+++ b/README.md
@@ -17,7 +17,7 @@ deployments.
 
 Set up a server with the following things configured:
 
-* SSH access
+* SSH access to a user that can become root
 * DNS records (see [Prosody's docs](https://prosody.im/doc/dns) for more info)
 * `python3` installed
 
diff --git a/playbook.yaml b/playbook.yaml
index 85b5e50..503d3ae 100644
--- a/playbook.yaml
+++ b/playbook.yaml
@@ -16,3 +16,13 @@
        - python3-certbot-apache
        - ufw
       state: present
+   - name: Ensure required ports are open
+     community.general.ufw:
+      rule: allow
+      name: "{{ item }}"
+      state: enabled
+     loop:
+      - OpenSSH
+      - WWW
+      - XMPP
+     become: true
author	Matthew Fennell <matthew@fennell.dev>	2024-01-07 11:56:42 +0000
committer	Matthew Fennell <matthew@fennell.dev>	2024-01-07 11:56:42 +0000
commit	71e36164cae64494cdb91f537d65821c8e2e00f8 (patch)
tree	f5251e9626e0a469ef95242b0ab12947122b6aee
parent	8093a955e3c6238cc14537a54c56277af6b89dc2 (diff)