ufw tasks shall have the ufw tag

resolves #453

roles/common/tasks/ufw.yml

@@ -6,15 +6,19 @@
   apt: pkg=ufw state=present
   tags:
     - dependencies
+    - ufw
 
 - name: Deny everything
   ufw: policy=deny
+  tags: ufw
 
 - name: Set firewall rule for DNS
   ufw: rule=allow port=domain
+  tags: ufw
 
 - name: Set firewall rule for mosh
   ufw: rule=allow port=60000:61000 proto=udp
+  tags: ufw
 
 - name: Set firewall rules for web traffic and SSH
   ufw: rule=allow port={{ item }} proto=tcp
@@ -22,15 +26,19 @@
     - http
     - https
     - ssh
+  tags: ufw
 
 - name: Enable UFW
   ufw: state=enabled
+  tags: ufw
 
 - name: Check config of ufw
   command: cat /etc/ufw/ufw.conf
   register: ufw_config
   changed_when: False  # never report as "changed"
+  tags: ufw
 
 - name: Disable logging (workaround for known bug in Debian 7)
   ufw: logging=off
   when: "ansible_lsb['codename'] == 'wheezy' and 'LOGLEVEL=off' not in ufw_config.stdout"
+  tags: ufw

roles/ircbouncer/tasks/znc.yml

@@ -64,6 +64,7 @@
 
 - name: Set firewall rule for znc
   ufw: rule=allow port=6697 proto=tcp
+  tags: ufw
 
 - name: Ensure znc is a system service
   service: name=znc state=started enabled=true

roles/mailserver/tasks/dovecot.yml

@@ -93,3 +93,4 @@
   with_items:
     - imaps
     - pop3s
+  tags: ufw

roles/mailserver/tasks/postfix.yml

@@ -74,3 +74,4 @@
   with_items:
     - smtp
     - ssmtp
+  tags: ufw

roles/vpn/tasks/openvpn.yml

@@ -135,6 +135,7 @@
 
 - name: Allow OpenVPN through ufw
   ufw: rule=allow port={{ openvpn_port }} proto={{ openvpn_protocol }}
+  tags: ufw
 
 - name: Copy OpenVPN configuration file into place
   template: src=etc_openvpn_server.conf.j2 dest=/etc/openvpn/server.conf

roles/xmpp/tasks/prosody.yml

@@ -46,3 +46,4 @@
   with_items:
     - 5222  # xmpp c2s
     - 5269  # xmpp s2s
+  tags: ufw