From ba6e89a0dc784999b16df9874773a2bf757b4563 Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <elizabeth.hunt@simponic.xyz>
Date: Mon, 25 Mar 2024 13:00:55 -0400
Subject: [PATCH] allow ldaps queries from anywhere

---
 playbooks/roles/kanidm/tasks/main.yml | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/playbooks/roles/kanidm/tasks/main.yml b/playbooks/roles/kanidm/tasks/main.yml
index 4afebdf..142adbe 100644
--- a/playbooks/roles/kanidm/tasks/main.yml
+++ b/playbooks/roles/kanidm/tasks/main.yml
@@ -32,6 +32,12 @@
     group: root
     mode: 0755
 
+- name: Allow all LDAPS connections from everywhere
+  ansible.builtin.ufw:
+    rule: allow
+    proto: tcp
+    port: '3636'
+
 - name: Enable kanidm
   ansible.builtin.systemd_service:
     state: restarted