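---
# Replaces ufw with firewalld on all hosts, applies the firewall rules defined
# in the imported rule playbooks, reloads firewalld and finally installs
# Fail2ban through its own playbook.
#
# Layout: `import_playbook` is only valid at play level, and a module task
# must live inside a play's `tasks:` list, so the file is a sequence of
# plays and playbook imports.

- name: "Install & Configure Firewalld"
  hosts: all
  tasks:
    # Setup correct Firewall
    # NOTE(review): between stopping ufw and starting firewalld the host runs
    # without an active host firewall, and firewalld then starts with its
    # default zone until the rule playbooks below have run. Confirm this
    # window is acceptable for exposed hosts.

    # Needed so the ufw service task can be skipped when ufw is not
    # installed (e.g. on a second run, after the package was removed).
    - name: "Collect service facts"
      ansible.builtin.service_facts:

    - name: "Stop and disable ufw"
      ansible.builtin.service:
        name: "ufw"
        state: "stopped"
        enabled: false
      become: true
      # The service module fails on a unit that does not exist; without this
      # guard the playbook is not idempotent.
      when: >-
        'ufw.service' in ansible_facts.services
        or 'ufw' in ansible_facts.services

    - name: "Remove ufw"
      ansible.builtin.package:
        name: "ufw"
        state: "absent"
      become: true

    # `latest` upgrades firewalld on every run; switch to `present` (or pin a
    # version) if unattended upgrades of the firewall are not wanted.
    - name: "Install & Update firewalld"
      ansible.builtin.package:
        name: "firewalld"
        state: "latest"
      become: true

    # Managing a system service needs root like the tasks above; the original
    # task was the only one without privilege escalation.
    - name: "Start and enable firewalld"
      ansible.builtin.service:
        name: "firewalld"
        state: "started"
        enabled: true
      become: true

# Create Firewall Rules loaded from external Playbooks
- name: "Create Firewall Rules for any Node"
  import_playbook: all.rules.firewalld.yaml

# Create Firewall Rules for Groups loaded from external Playbooks
- name: "Create Firewall Rules for Servers"
  import_playbook: servers.rules.firewalld.yaml

- name: "Create Firewall Rules for RPIS"
  import_playbook: rpis.rules.firewalld.yaml

# Create Firewall Rules for specific Hosts loaded from external Playbooks
# NOTE(review): "rul0es" does not match the "<scope>.rules.firewalld.yaml"
# naming of the other imports and looks like a typo. An import of a missing
# file aborts the run, so verify the file name on disk.
- name: "Create Firewall Rules for srvdoc01"
  import_playbook: srvdoc01.rul0es.firewalld.yaml

# Reload Firewall to activate new Rules
# `firewall-cmd --reload` re-reads the permanent configuration and drops
# runtime-only changes, so the imported rule playbooks must write permanent
# rules (not visible from this file; confirm).
- name: "Reload Firewall"
  hosts: all
  tasks:
    - name: "Reload Firewall Rules"
      ansible.builtin.command:
        cmd: "firewall-cmd --reload"
      become: true
      # A reload always re-applies the rule set; report it as a change
      # explicitly instead of relying on the command module's default.
      changed_when: true

# For security reasons Fail2ban is installed as well
- name: "Install Fail2ban with custom Ansible-Playbook"
  import_playbook: ../prod/fail2ban.yaml
...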