Oefenweb / ansible-fail2ban

Ansible role to set up fail2ban in Debian-like systems
MIT License

Setting custom filters/actions deletes all locally installed filters/actions. #69

Open r-pufky opened 2 years ago

r-pufky commented 2 years ago

Need to confirm whether this is intended behavior or a bug.

As currently written, if you specify custom filters/actions, the copy tasks will remove the destination files that are not copied. This is fine if you are setting only custom rules.

However, in cases where you'd want both, say for like ssh and some custom mail rules, you'd have to also define a "custom" ssh rule to include as well.

My working assumption with the role is that the custom rules were being set in filters.local, actions.local, etc., leaving the standard set alone; however, this is not the case. This seems, essentially, an extension of this bug from before: https://github.com/Oefenweb/ansible-fail2ban/issues/26

Can you please confirm that this is working as intended, or a bug?

kidhab commented 8 months ago

The copy task will not remove the destination files if your src-path ends with a trailing slash. From the Ansible documentation:

> If path is a directory, it is copied recursively. In this case, if path ends with “/”, only inside contents of that directory are copied to destination. Otherwise, if it does not end with “/”, the directory itself with all contents is copied. This behavior is similar to the rsync command line tool.

Before running this role the first time I cleaned up an old installation of fail2ban. If you run apt remove fail2ban without --purge and manually delete /etc/fail2ban, a reinstallation of fail2ban via Ansible or apt install doesn't restore the default configuration files. It just creates an empty directory structure at /etc/fail2ban.

Because of this I came across this issue. Maybe it's similar to your situation.
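
The trailing-slash rule quoted from the Ansible documentation above can be checked in a scratch directory before pointing the role at `/etc/fail2ban`. The playbook below is an added example, not part of the role and not written by either commenter; the path `/tmp/f2b-copy-demo` and all file names are constructed for the demonstration.

```yaml
# Added example: scratch-directory check of copy's trailing-slash behaviour.
# All paths and file names below are constructed, not taken from the role.
- hosts: localhost
  connection: local
  gather_facts: false
  vars:
    demo: /tmp/f2b-copy-demo
  tasks:
    - name: Create the source and the two destination directories
      ansible.builtin.file:
        path: "{{ demo }}/{{ item }}"
        state: directory
        mode: "0755"
      loop: [filters, dest_slash, dest_noslash]

    - name: Create one custom filter (source) and one pre-existing filter (destination)
      ansible.builtin.copy:
        content: "# constructed placeholder\n"
        dest: "{{ demo }}/{{ item }}"
        mode: "0644"
      loop:
        - filters/custom-mail.conf
        - dest_slash/sshd.conf

    - name: src ends with "/", so only the contents of the directory are copied
      ansible.builtin.copy:
        src: "{{ demo }}/filters/"
        dest: "{{ demo }}/dest_slash/"

    - name: src has no trailing "/", so the directory itself is copied
      ansible.builtin.copy:
        src: "{{ demo }}/filters"
        dest: "{{ demo }}/dest_noslash/"

    - name: Stat the paths each variant should have produced or left in place
      ansible.builtin.stat:
        path: "{{ demo }}/{{ item }}"
      loop:
        - dest_slash/custom-mail.conf            # contents landed directly in dest
        - dest_slash/sshd.conf                   # pre-existing file is still there
        - dest_noslash/filters/custom-mail.conf  # nested under a "filters" directory
      register: result

    - name: Fail unless all three paths exist
      ansible.builtin.assert:
        that: result.results | selectattr('stat.exists') | list | length == 3
```

Run it with `ansible-playbook` against the implicit localhost; a failed assert means the layout differs from what the documentation describes for your Ansible version.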