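---
# Installs Fail2ban, enables the sshd jail and posts a Mattermost message
# each time an address is banned.
#
# Required variables (inventory, group_vars or --extra-vars):
#   ssh_port            TCP port sshd listens on
#   mattermost_webhook  incoming-webhook URL. Anyone who holds this URL can
#                       post to the channel, so store it in Ansible Vault
#                       rather than in plain text.
- name: Install and configure Fail2ban with Mattermost notifications
  hosts: servers
  become: true

  vars:
    # ssh_port and mattermost_webhook are intentionally not declared here.
    # A play var written as  ssh_port: "{{ ssh_port }}"  refers to itself and
    # shadows inventory values, so templating ends in a recursion error
    # unless the value happens to arrive as an extra var.
    ban_time: 1800   # seconds an address stays banned
    max_retry: 3     # failures tolerated inside find_time
    find_time: 600   # sliding window, in seconds

  pre_tasks:
    - name: Check that the required variables were supplied
      assert:
        that:
          - ssh_port is defined
          - mattermost_webhook is defined
          - mattermost_webhook | string | length > 0
        fail_msg: >-
          ssh_port and mattermost_webhook must be provided through
          inventory, group_vars or --extra-vars.

  tasks:
    - name: Install Fail2ban
      apt:
        name: fail2ban
        state: present
        update_cache: true

    # The jail takes its thresholds from the play vars so the values above
    # and the rendered file cannot drift apart. Each action sits on its own
    # line, with the continuation indented, as in fail2ban's stock jail.conf.
    - name: Configure Fail2ban jail.local
      copy:
        dest: /etc/fail2ban/jail.local
        owner: root
        group: root
        mode: "0644"
        content: |
          [sshd]
          enabled = true
          port = {{ ssh_port }}
          logpath = /var/log/auth.log
          maxretry = {{ max_retry }}
          findtime = {{ find_time }}
          bantime = {{ ban_time }}
          action = iptables-multiport[name=SSH, port={{ ssh_port }}, protocol=tcp]
                   mattermost
      notify:
        - Restart Fail2ban

    # This file embeds the webhook URL, so it is readable by root only and
    # the task output is suppressed to keep the URL out of Ansible logs.
    #
    # actionban is run through a shell:
    #   - the JSON payload is single-quoted, so the message uses a
    #     typographic apostrophe (’); a plain ' would close the quote early
    #     and the command would fail to parse;
    #   - the URL goes through the quote filter so shell metacharacters in
    #     it cannot alter the command;
    #   - <ip> is fail2ban's tag for the banned address;
    #   - --max-time keeps a slow or unreachable Mattermost from stalling
    #     the ban action.
    # NOTE(review): fail2ban interpolates '%' in action files; a webhook URL
    # containing '%' would need it doubled ('%%') - confirm for your URL.
    - name: Create Mattermost action file
      copy:
        dest: /etc/fail2ban/action.d/mattermost.conf
        owner: root
        group: root
        mode: "0600"
        content: |
          [Definition]
          actionstart =
          actionstop =
          actionban = curl --silent --show-error --max-time 10 -X POST -H 'Content-Type: application/json' --data '{"text": "🚨 Fail2ban a banni <ip> après trop d’échecs SSH 🚨"}' {{ mattermost_webhook | quote }}
          actionunban =
      no_log: true
      notify:
        - Restart Fail2ban

  handlers:
    - name: Restart Fail2ban
      systemd:
        name: fail2ban
        state: restarted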