add iptables rule

defaults/main.yml

@@ -0,0 +1,4 @@
+---
+nginx_open_ports:
+  - 80
+  - 443

tasks/config.yml

@@ -35,3 +35,10 @@
     - header.conf
   notify:
     - nginx_restart
+
+- name: Open ports in iptables
+  iptables_raw:
+    name: allow_nginx_ports
+    state: present
+    rules: '-A INPUT -p tcp -m multiport --dports {{ nginx_open_ports|join(",") }} -j ACCEPT'
+  tags: iptables