# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# Install and configure FAIL2BAN
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# comprobe if fail2ban is installed if not then install fail2ban
# Gather the package facts
# - name: Gather the package facts
#  package_facts:
#    manager: auto
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# install packages if is not in the system
- name: install fail2ban package if is not in the system
  apt:
    name: fail2ban
    state: present
#  when: "'fail2ban' not in ansible_facts.packages"  # ansible comprobes if is ok its installed
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# configure fail2ban
# template a file to /etc/fail2ban/jail.local
- name: template a file to /etc/fail2ban/jail.local
  template:
    src: jail2.j2
    dest: "{{ path_jail_local }}"
    owner: root
    group: root
    mode: '0644'
    backup: true
  notify: restart fail2ban
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# service nftables should start on boot.
- name: service nftables should start on boot
  service:
    name: "{{ nftables_daemon }}"
    enabled: true
  notify: restart nftables
# ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++