playbooks/debian/roles/firewall/tasks/main.yml

   1 - name: Install fail2ban
   2   become: true
   3   apt:
   4     cache_valid_time: 3600
   5     install_recommends: no
   6     name: fail2ban
   7     state: latest
   8     update_cache: yes
   9   register: fail2ban
  10
  11 - name: Configure Debian firewall
  12   become: true
  13   copy:
  14     src: etc
  15     dest: /
  16     owner: root
  17     group: root
  18     directory_mode: '0750'
  19     mode: '0750'
  20     force: no
  21   register: etc
  22
  23 - name: Fix permissions for /etc/network/functions
  24   become: true
  25   file:
  26     path: /etc/network/functions.phd
  27     mode: '0640'
  28   register: functions
  29
  30 - name: Start Debian firewall
  31   become: true
  32   service:
  33     name: iptables.sh
  34     state: restarted
  35   when: fail2ban.changed or etc.changed or functions.changed