ansible-ppm/roles/ppm/tasks/firewall.yml

- name: Configure firewall options
  ansible.builtin.copy:
    dest: /home/.ppmfirewalltemplate
    group: root
    owner: root
    mode: "0755"
    src: ppmfirewall

- name: Render firewall
  ansible.builtin.shell: ppm template /home/.ppmfirewalltemplate /etc/firewall.d/ppmfirewall ; chmod 755 /etc/firewall.d/ppmfirewall
  register: firewall_render
  changed_when: "'content did not change' not in firewall_render.stdout"
  notify: Restart firewall