fail2ban only if installed (#98)

* Add condition to only configure fail2ban if it is installed * Add package_facts to determine if fail2ban is installed * Added warning message by @DO1JLR + Warning message by @DO1JLR -> The message will prompt a warning to the user if fail2ban is not installed without stopping the execution. + removed trailing whitespaces
2021-04-12 19:06:19 +02:00 · 2021-04-12 19:06:19 +02:00 · c5a0653264
commit c5a0653264
parent 502a360b14
2 changed files with 12 additions and 0 deletions
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@ -7,6 +7,7 @@
    group: root
    mode: 0444
  notify: Restart fail2ban
+  when: "'fail2ban' in ansible_facts.packages"

 - name: Install fail2ban jail
  ansible.builtin.template:
@ -16,3 +17,10 @@
    group: root
    mode: 0444
  notify: Restart fail2ban
+  when: "'fail2ban' in ansible_facts.packages"
+
+- name: warn if fail2ban is not installed
+  ansible.builtin.fail:
+    msg: "the package fail2ban is not installed. no fail2ban filters deployed."
+  when: "'fail2ban' not in ansible_facts.packages"
+  ignore_errors: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -8,6 +8,10 @@
    - "{{ ansible_distribution | lower }}.yml"
    - "{{ ansible_os_family | lower }}.yml"

+- name: Gather installed packages for checks in the role (fail2ban)
+  ansible.builtin.package_facts:
+    manager: auto
+
 - name: "Check gitea version"
  ansible.builtin.shell: "set -eo pipefail; /usr/local/bin/gitea -v | cut -d' ' -f 3"
  args: