Moved ansible stuff to own folder

ansible/roles/networking/tasks/main.yml

@@ -0,0 +1,40 @@
+- name: Install fail2ban & ufw.
+  apt:
+    name:
+      - fail2ban
+      - ufw
+    state: present
+
+# TODO add proper fail2ban config
+
+- name: Ensure fail2ban is started & enabled.
+  service:
+    name: fail2ban
+    state: started
+    enabled: true
+
+- name: Ensure ufw is started & enabled.
+  service:
+    name: fail2ban
+    state: started
+    enabled: true
+
+- name: Allow SSH connections.
+  community.general.ufw:
+    rule: allow
+    port: 2222
+
+- name: Open necessary ports for Docker swarm communication.
+  community.general.ufw:
+    rule: allow
+    port: "{{ item }}"
+  loop:
+    - 2377  # cluster management communications
+    - 7946  # communication among nodes
+    - 4789  # overlay network traffic
+    - 9001  # Portainer communication
+
+- name: Block everything else by default & enable firewall.
+  community.general.ufw:
+    default: deny
+    state: enabled