---

- name: Configure proxy for {{ protocol }} on {{ domain }}:{{ port }}
  template:
    src: mail_proxy.conf
    dest: "{{ nginx_streams_directory }}/{{ domain }}:{{ port }}"
    owner: "{{ global_nginx_system_user }}"
    group: "{{ global_nginx_system_user }}"
    mode: "u=rw,g=r,o=r"

- name: Allow {{ protocol }} in firewall
  ufw:
    rule: allow
    port: "{{ port }}"
    proto: tcp