---
- name: Deploy and Execute UFW Hardening Script
  hosts: all
  become: true
  vars:
    ufw_script_path: /tmp/harden-ufw.sh

  tasks:
    - name: Copy UFW hardening script to remote hosts
      copy:
        src: harden-ufw.sh
        dest: "{{ ufw_script_path }}"
        owner: root
        group: root
        mode: '0755'

    - name: Execute UFW hardening script
      shell: "{{ ufw_script_path }}"
      register: ufw_output

    - name: Display UFW configuration results
      debug:
        var: ufw_output.stdout_lines

    - name: Clean up temporary script
      file:
        path: "{{ ufw_script_path }}"
        state: absent

    - name: Restart Docker service to re-establish swarm connections
      systemd:
        name: docker
        state: restarted
        enabled: yes