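---
# Installs the lldap docker-compose project under /etc/docker/compose/lldap,
# (re)starts it through the docker-compose@lldap systemd unit, and opens the
# LDAP port in ufw for the VPN address range only.

- name: ensure lldap docker/compose exist
  ansible.builtin.file:
    path: /etc/docker/compose/lldap
    state: directory
    owner: root
    group: root
    # Quoted so the YAML loader cannot retype the octal mode as an integer.
    mode: '0700'

- name: build lldap docker-compose.yml.j2
  ansible.builtin.template:
    src: ../templates/docker-compose.yml.j2
    dest: /etc/docker/compose/lldap/docker-compose.yml
    owner: root
    group: root
    # Root-only, matching the 0700 parent directory. The template is not
    # shown here; compose files for a directory service commonly embed
    # secrets, so the file should not depend on the directory mode alone.
    mode: '0600'

- name: daemon-reload and enable lldap
  ansible.builtin.systemd_service:
    # The task name promises a daemon-reload; without this flag systemd is
    # never asked to re-read its unit files.
    daemon_reload: true
    # NOTE(review): "restarted" bounces the service on every play run, even
    # when the compose file did not change. Moving the restart to a handler
    # notified by the template task would avoid needless LDAP outages.
    state: restarted
    enabled: true
    name: docker-compose@lldap

- name: allow ldap on vpn
  community.general.ufw:
    rule: allow
    port: '3890'
    # LDAP is TCP; without proto the rule also admits UDP on this port.
    proto: tcp
    # 100.64.0.0/10 is the RFC 6598 shared address space. The rule matches on
    # source address only, so any network that reaches this host from that
    # range is admitted, not just the VPN. NOTE(review): consider pinning the
    # rule to the VPN interface as well - confirm the interface name first.
    from_ip: '100.64.0.0/10'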