diff --git a/playbooks/install_foreman.yml b/playbooks/foreman/install_foreman.yml
similarity index 100%
rename from playbooks/install_foreman.yml
rename to playbooks/foreman/install_foreman.yml
diff --git a/playbooks/foreman/open_ports_reset_user.yml b/playbooks/foreman/open_ports_reset_user.yml
new file mode 100644
index 0000000..9917e92
--- /dev/null
+++ b/playbooks/foreman/open_ports_reset_user.yml
@@ -0,0 +1,29 @@
+---
+- name: Open all ports and needed by foreman
+  hosts: foremanAlma
+  become: yes
+  vars_files:
+    - /home/mango/projects/homelab/vars/secrets.yml
+  vars:
+    username: root
+  tasks:
+    - name: permit traffic in default zone for https service
+      ansible.posix.firewalld:
+        service: "{{item}}"
+        permanent: true
+        state: enabled
+        immediate: yes
+      loop:
+        - https
+        - dns
+        - dhcp
+        - tftp
+        - http
+        - "vnc-server"
+        - "postgresql"
+        - "puppetmaster"
+
+
+    - name: set admin user and password
+      ansible.builtin.command:
+        cmd: "foreman-rake permissions:reset username={{username}} password={{become_password}}"
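Review bot: The `set admin user and password` task interpolates `{{become_password}}` into the `cmd:` string without `no_log: true`, so the password lands in Ansible's task output and any log callbacks, and it is visible in the process arguments on the host while `foreman-rake` runs. Add `no_log: true` to that task. Consider a separate vaulted variable for the Foreman admin (for example `foreman_admin_password`, a placeholder name) rather than reusing what appears to be the privilege-escalation password, so that one leak does not expose both accounts. The task also resets the credential on every run and always reports changed; a guard condition or an explicit `changed_when:` would make that intentional. Separately, the firewalld loop opens `postgresql` and `vnc-server` in the default zone, which is worth confirming, since a database that is local to the Foreman host would not normally need to be reachable from the network.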