Created set of additional tasks for custom filters for new Fail2Ban ProFTPd jail

roles/bootstrap/handlers/proftpd.yml

@@ -111,3 +111,47 @@
         allowed_users: "{{ ','.join(list(map(lambda u: u['username'], filter(lambda u: not 'http' in u['services'] and not 'https' in u['services'] and not 'httpd' in u['services'] and not 'caddy' in u['services'] and not 'www-data' in u['services'], config['proftpd']['vusers'].values())))) }}"
         anon_root: "{{ map(lambda u: u['home'], filter(lambda u: 'ftps' in u['services'] or 'proftpd' in u['services'], hostvars[inventory_hostname]['users'].values())) | list | random }}/public"
         anon_user: "{{ config['proftpd']['vusers']['smuggler']['username'] }}"
+    - name: Set ProFTPd jail in fail2ban
+      block:
+        - name: Create fail2ban system configuration directory
+          ansible.builtin.file:
+            force: false
+            group: root
+            mode: "0755"
+            owner: root
+            path: /etc/fail2ban
+            state: directory
+        - name: Create fail2ban filters system configuration directory
+          ansible.builtin.file:
+            force: false
+            group: root
+            mode: "0755"
+            owner: root
+            path: /etc/fail2ban/filter.d
+            state: directory
+        - name: Create fail2ban filter system configuration
+          ansible.builtin.copy:
+            backup: true
+            dest: /etc/fail2ban/filter.d/custom_proftpd.conf
+            force: true
+            group: root
+            owner: root
+            src: fail2ban/filter.d/custom_proftpd.conf
+            # validate: string
+        - name: Create fail2ban jails system configuration directory
+          ansible.builtin.file:
+            force: false
+            group: root
+            mode: "0755"
+            owner: root
+            path: /etc/fail2ban/jail.d
+            state: directory
+        - name: Create fail2ban jail system configuration
+          ansible.builtin.copy:
+            backup: true
+            dest: /etc/fail2ban/jail.d/proftpd.local
+            force: true
+            group: root
+            owner: root
+            src: fail2ban/jail.d/proftpd.local
+            # validate: string