Debug fail2ban

notthebee · Apr 3, 2024 · da8316c · da8316c
1 parent c706ec2
commit da8316c
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 0 deletions.
diff --git a/roles/fail2ban/tasks/main.yml b/roles/fail2ban/tasks/main.yml
@@ -29,3 +29,12 @@
     name: fail2ban
     state: started
     enabled: yes
+
+- name: Check the fail2ban service status
+  register: fail2ban_service
+  ansible.builtin.systemd_service:
+    name: fail2ban
+
+- name: Fail if fail2ban failed
+  ansible.builtin.assert:
+    that: fail2ban_service.StatusErrno != "0"
diff --git a/roles/system/handlers/main.yml b/roles/system/handlers/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Restart iptables
+  ansible.builtin.service:
+    name: iptables
+    state: restarted
diff --git a/roles/system/tasks/firewall.yml b/roles/system/tasks/firewall.yml
@@ -15,6 +15,7 @@
     cmd: "which iptables-restore"
 
 - name: Template the iptables systemd service
+  notify: Restart iptables
   ansible.builtin.template:
     src: systemd/iptables.service.j2
     dest: /etc/systemd/system/iptables.service