---
- name: Configure firewall (UDP & TCP)
  community.general.ufw:
    rule: allow
    port: "{{ item }}"
    proto: any
  loop:
    - 4001
    - 24007
    - 24008

- name: Configure firewall (TCP)
  community.general.ufw:
    rule: allow
    port: "{{ item }}"
    proto: tcp
  loop:
    - 29152:65535

- name: Create ipfs group
  ansible.builtin.group:
    name: ipfs
    state: present

- name: Create ipfs user
  ansible.builtin.user:
    name: ipfs
    group: ipfs
    create_home: true
    home: /home/ipfs
    system: true

# @see https://github.com/quic-go/quic-go/wiki/UDP-Buffer-Sizes
- name: Set sysctl values for net.core.rmem_max and wmem_max
  ansible.posix.sysctl:
    name: "{{ item.name }}"
    value: "{{ item.value }}"
    state: present
    reload: true
  loop:
    - { name: "net.core.rmem_max", value: "7500000" }
    - { name: "net.core.wmem_max", value: "7500000" }
  notify:
    - Restart ipfs