# {{ ansible_managed }}
# UFW Rules Configuration

# Allow SSH
-A ufw-user-input -p tcp --dport {{ ssh_port }} -j ACCEPT

# Allow Minecraft
-A ufw-user-input -p tcp --dport {{ minecraft_port | default(25565) }} -j ACCEPT

# Allow RCON if enabled
{% if enable_rcon | default(false) %}
-A ufw-user-input -p tcp --dport {{ rcon_port | default(25575) }} -j ACCEPT
{% endif %}

# Drop everything else
-A ufw-user-input -j DROP