#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Install and configure FAIL2BAN
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# comprobe if fail2ban is installed if not then install fail2ban
# Gather the package facts
#- name: Gather the package facts
#  package_facts:
#    manager: auto
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# install packages if is not in the system
- name: install fail2ban package if is not in the system
  apt:
    name: fail2ban
    state: present
#  when: "'fail2ban' not in ansible_facts.packages"  # ansible comprobes if is ok its installed
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# configure fail2ban
# template a file to /etc/fail2ban/jail.local
- name: template a file to /etc/fail2ban/jail.local
  template:
    src: jail2.j2
    dest: "{{ path_jail_local }}"
    owner: root
    group: root
    mode: '0644'
    backup: true
  notify: restart fail2ban
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# service nftables should start on boot.
- name: service nftables should start on boot
  service:
    name: "{{ nftables_daemon }}"
    enabled: yes
  notify: restart nftables
#++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++