--- - name: Install fail2ban ansible.builtin.apt: name: fail2ban state: present when: fail2ban_enabled | bool - name: Configure fail2ban jail ansible.builtin.template: src: fail2ban-jail.local.j2 dest: /etc/fail2ban/jail.local owner: root group: root mode: '0644' when: fail2ban_enabled | bool notify: "restart fail2ban service" - name: Start and enable fail2ban ansible.builtin.systemd: name: fail2ban state: started enabled: true when: fail2ban_enabled | bool