add new roles

playbooks/roles/firewall/tasks/main.yml

@@ -2,12 +2,20 @@
 ---
 # tasks file for firewall
 #
-- name: Ensure ufw is installed
+- name: Ensure ufw is installed on Debian
   ansible.builtin.apt:
     name: ufw
     state: present
     update_cache: true
   become: true
+  when: ansible_facts['os_family'] == "Debian"
+
+- name: Ensure ufw is installed on Arch
+  community.general.pacman:
+    name: ufw
+    state: present
+    update_cache: true
+  become: true
 
 - name: Enable ufw
   community.general.ufw:
@@ -28,16 +36,12 @@
     port: 161
     proto: udp
   become: true
+  when: ansible_facts["os_family"]
+
 - name: Allow port 6556 for check_mk
   community.general.ufw:
     rule: allow
     port: 6556
     proto: tcp
   become: true
-
-# Set default policy
-- name: Set default incoming policy to deny
-  community.general.ufw:
-    default: deny
-    direction: incoming
-  become: true
+  when: ansible_facts["os_family"]