- name: Install Fail2Ban package
  ansible.builtin.package:
    name: fail2ban
    state: present

- name: Ensure Fail2Ban service file exists
  ansible.builtin.stat:
    path: /usr/lib/systemd/system/fail2ban.service
  register: fail2ban_service

- name: Debug 
  debug:
    var: fail2ban_service

- name: Deploy jail.local configuration
  ansible.builtin.template:
    src: jail.local.j2
    dest: /etc/fail2ban/jail.local
    owner: root
    group: root
    mode: '0644'
  when: fail2ban_service.stat.exists
  notify: Restart fail2ban


- name: Enable and start Fail2Ban service
  ansible.builtin.service:
    name: fail2ban
    state: started
    enabled: yes
  when: fail2ban_service.stat.exists