Trellis security setup

What does trellis do about security lockdown when setting up server with ansible?
I have found this ansible book: Could it be implemented as part of the setup?
Or is it up to us to go through this:
Is there a firewall at least?

Did you look through Trellis at all? It does many of those things.

Nice, I stumbled upon that security script, just wondered if you already implemented something like that.