---
- name: Copy fail2ban filter
  become: true
  ansible.builtin.copy:
    src: gitea-filter.conf
    dest: /etc/fail2ban/filter.d/gitea.conf
    owner: root
    group: root
    mode: 0644
  notify: Restart fail2ban service

- name: Make sure there is a gitea log directory (needed for gitea log file)
  become: true
  ansible.builtin.file:
    path: /var/log/gitea
    state: directory
    owner: git
    group: git
    mode: 0750

- name: Make sure there is a gitea log file (needed for the jail)
  become: true
  ansible.builtin.file:
    path: /var/log/gitea/gitea.log
    state: touch
    access_time: preserve
    owner: git
    group: git
    mode: 0644

- name: Copy fail2ban jail
  become: true
  ansible.builtin.copy:
    src: gitea-jail.conf
    dest: /etc/fail2ban/jail.d/gitea.conf
    owner: root
    group: root
    mode: 0644
  notify: Restart fail2ban service