---
# file: roles/nginx_cluster/tasks/firewall.yml 

- name: "Enable firewall rule to Access IP"
  firewalld:
    rich_rule: 'rule family="ipv4" source address="{{ access_ip }}" port port="{{ item }}" protocol="tcp" accept'
    permanent: yes
    state: enabled
    immediate: yes
  notify: Reload firewalld
  loop: "{{ nginx_cluster_open_ports }}"