[INFO] Créer le dépôt

tasks/configuration.yml

@@ -0,0 +1,51 @@
+---
+# tasks file for fail2ban
+
+- name: Supprimer la configuration de Debian
+  ansible.builtin.file:
+    state: absent
+    path: /etc/fail2ban/jail.d/defaults-debian.conf
+  become: true
+  notify: Redémarrer fail2ban.service
+
+- name: Déployer la configuration contre la récidive
+  ansible.builtin.template:
+    owner: root
+    group: root
+    mode: u=rw,g=,o=
+    src: recidive.conf.j2
+    dest: /etc/fail2ban/fail2ban.d/recidive.conf
+  become: true
+  notify: Redémarrer fail2ban.service
+
+- name: Déployer la configuration de base
+  ansible.builtin.template:
+    owner: root
+    group: root
+    mode: u=rw,g=,o=
+    src: 01-base.conf.j2
+    dest: /etc/fail2ban/jail.d/01-base.conf
+  become: true
+  notify: Redémarrer fail2ban.service
+
+- name: Construire la liste des templates à déployer
+  ansible.builtin.set_fact:
+    fail2ban_templates: "{{ fail2ban_templates + specific }}"
+  when: specific | length > 0
+  loop: "{{ lookup('ansible.builtin.varnames', '^fail2ban_templates_.+', wantlist=True) }}"
+  vars:
+    specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"
+
+- name: Déployer les fichiers de configuration
+  ansible.builtin.template:
+    owner: root
+    group: root
+    mode: u=rw,g=,o=
+    src: "{{ item.src }}"
+    dest: "{{ item.dest }}"
+  when: fail2ban_templates | length > 0 
+  loop: "{{ fail2ban_templates }}"
+  loop_control:
+    label: "{{ item.dest }}"
+  become: true
+  notify: Redémarrer fail2ban.service