How do I configure ansible-fail2ban to use the root user?

[vraravam]

As per the docs, I have put the following in the group_vars yml file:

  fail2ban_bantime: 3600
  fail2ban_filterd_path: ../../../files/fail2ban/etc/fail2ban/filter.d/
  fail2ban_services:
    - name: nginx-bots
      port: http,https
      filter: nginx-bots
      logpath: /var/log/nginx/access.log*
      maxretry: 1
      bantime: 172800
      findtime: 86400

But, I keep getting the following error:

(item=[u'fail2ban']) => {"failed": true, "item": ["fail2ban"], "msg": "Failed to lock apt for exclusive operation"}

I thought that it might be related to some kind of apt process locking the db, but even after a reboot of the VM, I keep getting the same error. When I ssh into the box, I can do apt-update without any problems.

[tersmitten]

Can you add the full playbook?

This looks like an APT problem however. I remember that some of the first (public) Ubuntu 16.04 VM's had a similar problem.

• https://github.com/boxcutter/ubuntu/issues/73
• https://askubuntu.com/a/878982/261010

[vraravam]

I was able to use become: yes when defining the dependency on the role, thus, all the steps inside of your role definition were run in sudo mode. Problem solved. Tx for the quick turnaround.

[tersmitten]

My pleasure