Linter + Dashboard fixes

roles/common/tasks/main.yaml

@@ -96,7 +96,7 @@
     path: /etc/default/grub
     regexp: '^GRUB_TIMEOUT='
     line: "GRUB_TIMEOUT=1 # Managed by Ansible"
-  notify: update grub
+  notify: Update grub
 
 - name: Configure cron email
   ansible.builtin.lineinfile:
@@ -118,63 +118,5 @@
     - regexp: '^#?DebianBanner'
       line: 'DebianBanner no'
   when: manage_sshd_config | default(true)
-  notify: reload sshd
+  notify: Reload sshd
 
-- name: Allow SSH
-  ansible.builtin.iptables:
-    chain: INPUT
-    protocol: tcp
-    destination_port: "{{ ssh_port }}"
-    ctstate: NEW
-    jump: ACCEPT
-    ip_version: "{{ item }}"
-  with_items:
-    - ipv4
-    - ipv6
-  notify: persist iptables
-  when: not nft | bool
-
-- name: Allow ICMP
-  ansible.builtin.iptables:
-    chain: INPUT
-    protocol: "{{ item.proto }}"
-    jump: ACCEPT
-    ip_version: "{{ item.ip }}"
-  with_items:
-    - { ip: ipv4, proto: icmp }
-    - { ip: ipv6, proto: ipv6-icmp }
-  notify: persist iptables
-  when: not nft | bool
-
-- name: Allow related and established connections
-  ansible.builtin.iptables:
-    chain: INPUT
-    ctstate: ESTABLISHED,RELATED
-    jump: ACCEPT
-    ip_version: "{{ item }}"
-  with_items:
-    - ipv4
-    - ipv6
-  notify: persist iptables
-  when: not nft | bool
-
-- name: Allow local connections
-  ansible.builtin.iptables:
-    chain: INPUT
-    source: "{{ item.cidr }}"
-    jump: ACCEPT
-    ip_version: "{{ item.v }}"
-  with_items: "{{ trusted_ranges }}"
-  notify: persist iptables
-  when: not nft | bool
-
-- name: Deny inbound connections
-  ansible.builtin.iptables:
-    chain: INPUT
-    policy: DROP
-    ip_version: "{{ item }}"
-  with_items:
-    - ipv4
-    - ipv6
-  notify: persist iptables
-  when: not nft | bool