jlgaddis · December 3, 2019 04:11 · jlgaddis · Dec 3, 2019
diff --git a/ufw.yml b/ufw.yml
 # ufw.yml

 ---

 - name: ufw.yml
  hosts: debian-stable-amd64
  become: true

  tasks:

    - name: Get "before" value of DEFAULT_INPUT_POLICY
      command: "grep ^DEFAULT_INPUT_POLICY= /etc/default/ufw"
      register: before
      changed_when: false
      args:
        warn: false

    - name: Display "before" value of DEFAULT_INPUT_POLICY
      debug:
        var: before.stdout

    - name: Change default input policy from "drop" to "reject"
      ufw:
        direction: incoming
        default: reject

    - name: Get "after" value of DEFAULT_INPUT_POLICY
      command: "grep ^DEFAULT_INPUT_POLICY= /etc/default/ufw"
      register: after
      changed_when: false
      args:
        warn: false

    - name: Display "after" value of DEFAULT_INPUT_POLICY
      debug:
        var: after.stdout
	# ufw.yml

	---

	- name: ufw.yml
	hosts: debian-stable-amd64
	become: true

	tasks:

	- name: Get "before" value of DEFAULT_INPUT_POLICY
	command: "grep ^DEFAULT_INPUT_POLICY= /etc/default/ufw"
	register: before
	changed_when: false
	args:
	warn: false

	- name: Display "before" value of DEFAULT_INPUT_POLICY
	debug:
	var: before.stdout

	- name: Change default input policy from "drop" to "reject"
	ufw:
	direction: incoming
	default: reject

	- name: Get "after" value of DEFAULT_INPUT_POLICY
	command: "grep ^DEFAULT_INPUT_POLICY= /etc/default/ufw"
	register: after
	changed_when: false
	args:
	warn: false

	- name: Display "after" value of DEFAULT_INPUT_POLICY
	debug:
	var: after.stdout