--- /dev/null
+- name: Install fail2ban
+ become: true
+ apt:
+ cache_valid_time: 3600
+ install_recommends: no
+ name: fail2ban
+ state: latest
+ update_cache: yes
+ notify: Restart firewall
+
+- name: Configure Debian firewall
+ become: true
+ copy:
+ src: etc
+ dest: /
+ owner: root
+ group: root
+ directory_mode: '0750'
+ mode: '0750'
+ force: no
+ notify: Restart firewall
+
+- name: Fix permissions for /etc/network/functions
+ become: true
+ file:
+ path: /etc/network/functions.phd
+ mode: '0640'
+ notify: Restart firewall