From 4b06f84618a9921250e0a101336346e89bff1039 Mon Sep 17 00:00:00 2001
From: Andrea Dell'Amico <andrea.dellamico@isti.cnr.it>
Date: Fri, 7 Aug 2015 11:25:06 +0200
Subject: [PATCH] library/roles: Try and fix the fail2ban conditionals, again.
 xen/host_vars/dlib28x.dom0.research-infrastructures.eu: add
 dlib28x.dom0.research-infrastructures.eu

---
 fail2ban/defaults/main.yml            | 6 ++----
 fail2ban/handlers/main.yml            | 2 +-
 fail2ban/tasks/main.yml               | 2 +-
 iptables/handlers/main.yml            | 2 +-
 ubuntu-deb-general/defaults/main.yml  | 2 ++
 ubuntu-deb-general/tasks/packages.yml | 1 +
 6 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/fail2ban/defaults/main.yml b/fail2ban/defaults/main.yml
index 655a7fe0..b5e01294 100644
--- a/fail2ban/defaults/main.yml
+++ b/fail2ban/defaults/main.yml
@@ -2,16 +2,14 @@
 
 # Fail2ban
 # Needed by the fail2ban template
-cm_ip: 146.48.123.18
-monitoring_ip: 146.48.123.23
 # ban time in seconds. 86400 == 1 day
 f2b_ban_time: 86400
 f2b_findtime: 600
 f2b_maxretry: 5
 f2b_default_backend: auto
 f2b_usedns: warn
-f2b_dest_email: sysadmin@research-infrastructures.eu
-f2b_sender_email: denyhosts@research-infrastructures.eu
+f2b_dest_email: 'sysadmin@{{ domain_name }}'
+f2b_sender_email: 'denyhosts@{{ domain_name }}'
 f2b_default_banaction: iptables-multiport
 # Default action: ban. Not send email
 f2b_default_action: action_
diff --git a/fail2ban/handlers/main.yml b/fail2ban/handlers/main.yml
index a6b3c1a5..5423011a 100644
--- a/fail2ban/handlers/main.yml
+++ b/fail2ban/handlers/main.yml
@@ -1,6 +1,6 @@
 ---
 - name: Restart fail2ban
   service: name=fail2ban state=restarted enabled=yes
-  when: ( is_trusty ) or ( is_debian8 )
+  when: has_fail2ban
 
 
diff --git a/fail2ban/tasks/main.yml b/fail2ban/tasks/main.yml
index 3990764e..33aa9aeb 100644
--- a/fail2ban/tasks/main.yml
+++ b/fail2ban/tasks/main.yml
@@ -1,3 +1,3 @@
 ---
 - include: fail2ban.yml
-  when: ( is_trusty ) or ( is_debian8 )
+  when: has_fail2ban
diff --git a/iptables/handlers/main.yml b/iptables/handlers/main.yml
index 150d2e9c..72895169 100644
--- a/iptables/handlers/main.yml
+++ b/iptables/handlers/main.yml
@@ -22,5 +22,5 @@
 
 - name: Restart fail2ban
   service: name=fail2ban state=restarted enabled=yes
-  when: ( is_trusty ) or ( is_debian8 )
+  when: has_fail2ban
 
diff --git a/ubuntu-deb-general/defaults/main.yml b/ubuntu-deb-general/defaults/main.yml
index 140e53c0..b79b4b71 100644
--- a/ubuntu-deb-general/defaults/main.yml
+++ b/ubuntu-deb-general/defaults/main.yml
@@ -103,6 +103,8 @@ has_htop: "'{{ ansible_distribution }}' == 'Ubuntu' and ({{ ansible_distribution
 
 has_apt: "('{{ ansible_distribution }}' == 'Debian' or '{{ ansible_distribution }}' == 'Ubuntu') and '{{ ansible_distribution_version }}' != 'lenny/sid' and '{{ ansible_lsb['major_release'] }}' >= 5"
 
+has_fail2ban: "(('{{ ansible_distribution }}' == 'Ubuntu') and ({{ ansible_distribution_major_version }} >= 14)) or (('{{ ansible_distribution }}' == 'Debian') and ({{ ansible_lsb['major_release'] }} >= 8))"
+
 is_debian: "'{{ ansible_distribution }}' == 'Debian'"
 is_debian8: "'{{ ansible_distribution_release }}' == 'jessie'"
 is_debian7: "'{{ ansible_distribution_release }}' == 'wheezy'"
diff --git a/ubuntu-deb-general/tasks/packages.yml b/ubuntu-deb-general/tasks/packages.yml
index 9878ca49..85fe4d07 100644
--- a/ubuntu-deb-general/tasks/packages.yml
+++ b/ubuntu-deb-general/tasks/packages.yml
@@ -80,5 +80,6 @@
 - name: Install additional packages, if any
   apt: pkg={{ item }} state={{ pkg_state }}
   with_items: additional_packages
+  when: additional_packages is defined
   tags: [ 'packages', 'common_pkgs', 'additional_packages' ]