---
- name: Allow Docker Swarm ports on enp8s0
  community.general.ufw:
    rule: allow
    port: "{{ item.port }}"
    proto: "{{ item.proto }}"
    direction: in
    interface: enp8s0
  loop:
    - { port: 2377, proto: tcp } # Swarm control plane
    - { port: 7946, proto: tcp } # Gossip TCP
    - { port: 7946, proto: udp } # Gossip UDP
    - { port: 4789, proto: udp } # Overlay network VXLAN