Update ansible roles

Taskfile.yml

@@ -14,6 +14,10 @@ vars:
     sh: 'yq .ungrouped.hosts.server.ansible_host {{.HOSTS_FILE}}'
 
 tasks:
+  install-roles:
+    cmds:
+      - ansible-galaxy role install --role-file requirements.yml --force
+
   ssh:
     cmds:
     - ssh {{.REMOTE_USER}}@{{.REMOTE_HOST}}

files/netdata/docker-compose.yml.j2

@@ -26,9 +26,11 @@ services:
       - "/run/dbus:/run/dbus:ro"
       - "/sys:/host/sys:ro"
       - "/var/log:/host/var/log:ro"
+      - "/var/run:/host/var/run:ro"
       - "/var/run/docker.sock:/var/run/docker.sock:ro"
     environment:
       PGID: "{{ netdata_docker_group_output.stdout | default(999) }}"
+      NETDATA_EXTRA_DEB_PACKAGES: "fail2ban"
 
 networks:
   {{ web_proxy_network }}:

files/netdata/go.d/fail2ban.conf

@@ -0,0 +1,3 @@
+jobs:
+  - name: fail2ban
+    update_every: 5  # Collect Fail2Ban jails statistics every 5 seconds

playbook-netdata.yml

@@ -50,6 +50,14 @@
         group: "{{ app_user }}"
         mode: "0640"
 
+    - name: "Copy fail2ban plugin config file"
+      ansible.builtin.copy:
+        src: "files/{{ app_name }}/go.d/fail2ban.conf"
+        dest: "{{ config_go_d_dir }}/fail2ban.conf"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0640"
+
     - name: "Grab docker group id."
       ansible.builtin.shell:
         cmd: |

playbook-system.yml

@@ -25,21 +25,13 @@
         name: "{{ apt_packages }}"
         update_cache: true
 
-    - name: "Configure timezone"
-      ansible.builtin.import_role:
-        name: yatesr.timezone
-      vars:
-        timezone: UTC
-      tags:
-        - skip_ansible_lint
-
     - name: "Configure security settings"
       ansible.builtin.import_role:
         name: geerlingguy.security
       vars:
         security_ssh_permit_root_login: "yes"
         security_autoupdate_enabled: "no"
-        security_fail2ban_enabled: "yes"
+        security_fail2ban_enabled: true
 
     - name: "Copy keep files script"
       ansible.builtin.copy:

requirements.yml

@@ -3,7 +3,7 @@
   version: 1.2.2
 
 - src: geerlingguy.security
-  version: 2.4.0
+  version: 3.0.0
 
 - src: geerlingguy.docker
-  version: 7.4.3
+  version: 7.4.7