roumano
commented
11 months ago I confirm i get similar issue.
I don't think it's possible to fix this issue with the actual module (ini_file)
I've remove the actual ini_file tasks
- name: Configure jail.local
community.general.ini_file:
...and replace by a template tasks :
- name: Configure jail.local
ansible.builtin.template:
src: jail.local.j2
dest: /etc/fail2ban/jail.local
mode: "0640"
notify:
- Restart fail2banOf course, it's need to create the template file templates/jail.local.j2 :
{# Template to create the jail #}
{% for i in fail2ban_jail_configuration %}
[{{ i.name }}]
{% for k in i if k != 'name' %}
{{ k }} = {{ i[k] }}
{% endfor %}
{% endfor %}And the configuration change also, please found a exemple :
fail2ban_jail_configuration:
- name: DEFAULT
ignoreself: 'true'
destemail: XX@YYY.ZZ
sender: root@{{ inventory_hostname }}.YYY.ZZ
- name: guacamole
enabled: 'true'
port: 8080
logpath: /var/log/tomcat9/catalina.out
filter: guacamole_XXXX
banaction: iptables-multiport
maxretry: 2
bantime: 1m
findtime: 60m
action: |
iptables-guacamole[name="guacamole", port="8080", protocol="tcp"]
smtp.py[host="smtp.XXX.YY:25", sender="noreply@XXX.YY", dest="XXX@YYY.ZZ,XXX2@YYY.ZZ"]i removed the tasks assert | Test fail2ban_jail_configuration (in assert.yml ) as the fail2ban_jail_configuration changed but ideally, it's should also be rewriten.
If you think it's the good way for fixing the issue, i can create a PR with these change.
Describe the bug
I try to add multiple actions in one section in jail. It is not possible in current role form.
Playbook
Please paste the playbook you are using. (Consider
requirements.ymland optionally the command you've invoked.)Output
It will constantly multiple last line (add it with each playbook execution):
Environment
cat /etc/os-release): MacOS on M1ansible --version): 2.15.1cat /etc/os-release): "Ubuntu 22.04.2 LTS"Please consider sponsoring me.