---
- name: Ensure Nginx is installed and configured
  hosts: all
  become: true
  tasks:

    - name: Nginx Installed
      ansible.builtin.include_role:
        name: nginxinc.nginx_core.nginx

    - name: Nginx Configured to serve Front-end Application
      ansible.builtin.include_role:
        name: nginxinc.nginx_core.nginx_config

    - name: Ensure python firewall library is installed
      ansible.builtin.package:
        name: python3-firewall
        state: present

    - name: Ensure firewalld is enabled
      ansible.builtin.service:
        name: firewalld
        enabled: true

    - name: Ensure firewall ports are open
      ansible.posix.firewalld:
        port: "{{ item }}"
        permanent: true
        immediate: true
        state: enabled
      loop:
        - 80/tcp
        - 22/tcp