--- # tasks file for fail2ban - name: Supprimer la configuration de Debian ansible.builtin.file: state: absent path: /etc/fail2ban/jail.d/defaults-debian.conf become: true notify: Redémarrer fail2ban.service - name: Déployer la configuration contre la récidive ansible.builtin.template: owner: root group: root mode: u=rw,g=,o= src: recidive.conf.j2 dest: /etc/fail2ban/fail2ban.d/recidive.conf become: true notify: Redémarrer fail2ban.service - name: Déployer la configuration de base ansible.builtin.template: owner: root group: root mode: u=rw,g=,o= src: 01-base.conf.j2 dest: /etc/fail2ban/jail.d/01-base.conf become: true notify: Redémarrer fail2ban.service - name: Construire la liste des templates à déployer ansible.builtin.set_fact: fail2ban_templates: "{{ fail2ban_templates + specific }}" when: specific | length > 0 loop: "{{ lookup('ansible.builtin.varnames', '^fail2ban_templates_.+', wantlist=True) }}" vars: specific: "{{ lookup('ansible.builtin.vars', item, default='') }}" - name: Déployer les fichiers de configuration ansible.builtin.template: owner: root group: root mode: u=rw,g=,o= src: "{{ item.src }}" dest: "{{ item.dest }}" when: - fail2ban_templates | length > 0 - item.src is exists loop: "{{ fail2ban_templates }}" loop_control: label: "{{ item.dest }}" become: true notify: Redémarrer fail2ban.service