ansible-roles/roles/crowdsec_bouncer_firewall/tasks/facts.yml

---

- name: Check if API key is available
  stat: path=/etc/crowdsec/meta/bouncer_fw_api_key
  register: crowdsec_fw_lapi_key_file
  tags: crowdsec

- when: crowdsec_fw_lapi_key is not defined and (not crowdsec_fw_lapi_key_file.stat.exists or crowdsec_fw_lapi_key_file.stat.size == 0)
  block:
    - name: Register the bouncer
      command: cscli bouncers add {{ inventory_hostname }}-firewall -o raw
      register: crowdsec_bouncer_add
      failed_when: crowdsec_bouncer_add.rc not in [0,1]
      changed_when: crowdsec_bouncer_add.rc == 0
      delegate_to: "{{ crowdsec_lapi_server | default(inventory_hostname) }}"

    - name: Record the API key for later use
      copy: content={{ crowdsec_bouncer_add.stdout }} dest=/etc/crowdsec/meta/bouncer_fw_api_key mode=600

  tags: crowdsec

- when: crowdsec_fw_lapi_key is not defined
  block:
    - name: Read the API key
      slurp: src=/etc/crowdsec/meta/bouncer_fw_api_key
      register: crowdsec_fw_lapi_generated_key
    - set_fact: crowdsec_fw_lapi_key={{ crowdsec_fw_lapi_generated_key.content | b64decode | trim }}
  tags: crowdsec

- name: Set initial facts
  block:
    - set_fact: crowdsec_fw_current_version=''
    - set_fact: crowdsec_fw_install_mode='none'
  tags: crowdsec

- name: Check if the bouncer is installed
  stat: path=/usr/local/bin/cs-firewall-bouncer
  register: crowdsec_fw_bin
  tags: crowdsec

- when: crowdsec_fw_bin.stat.exists
  block:
    - name: Detect installed version
      shell: |
        cs-firewall-bouncer -c /dev/null 2>&1 | perl -ne 'm/cs-firewall-bouncer v(\d+(\.\d+)*)/ && print $1'
      register: crowdsec_fw_current_version
      changed_when: False

    - set_fact: crowdsec_fw_current_version={{ crowdsec_fw_current_version.stdout }}
  tags: crowdsec

- name: Set install mode
  set_fact: crowdsec_fw_install_mode='install'
  when: not crowdsec_fw_bin.stat.exists
  tags: crowdsec

- name: Set upgrade mode
  set_fact: crowdsec_fw_install_mode='upgrade'
  when:
    - crowdsec_fw_bin.stat.exists
    - crowdsec_fw_current_version != crowdsec_fw_version
  tags: crowdsec
Update to 2021-02-17 09:00 4 years ago			`---`

			`- name: Check if API key is available`
			`stat: path=/etc/crowdsec/meta/bouncer_fw_api_key`
			`register: crowdsec_fw_lapi_key_file`
			`tags: crowdsec`

			`- when: crowdsec_fw_lapi_key is not defined and (not crowdsec_fw_lapi_key_file.stat.exists or crowdsec_fw_lapi_key_file.stat.size == 0)`
			`block:`
			`- name: Register the bouncer`
			`command: cscli bouncers add {{ inventory_hostname }}-firewall -o raw`
			`register: crowdsec_bouncer_add`
			`failed_when: crowdsec_bouncer_add.rc not in [0,1]`
			`changed_when: crowdsec_bouncer_add.rc == 0`
			`delegate_to: "{{ crowdsec_lapi_server \| default(inventory_hostname) }}"`

			`- name: Record the API key for later use`
			`copy: content={{ crowdsec_bouncer_add.stdout }} dest=/etc/crowdsec/meta/bouncer_fw_api_key mode=600`

			`tags: crowdsec`

			`- when: crowdsec_fw_lapi_key is not defined`
			`block:`
			`- name: Read the API key`
			`slurp: src=/etc/crowdsec/meta/bouncer_fw_api_key`
			`register: crowdsec_fw_lapi_generated_key`
			`- set_fact: crowdsec_fw_lapi_key={{ crowdsec_fw_lapi_generated_key.content \| b64decode \| trim }}`
			`tags: crowdsec`

			`- name: Set initial facts`
			`block:`
			`- set_fact: crowdsec_fw_current_version=''`
			`- set_fact: crowdsec_fw_install_mode='none'`
			`tags: crowdsec`

			`- name: Check if the bouncer is installed`
			`stat: path=/usr/local/bin/cs-firewall-bouncer`
			`register: crowdsec_fw_bin`
			`tags: crowdsec`

			`- when: crowdsec_fw_bin.stat.exists`
			`block:`
			`- name: Detect installed version`
			`shell: \|`
			`cs-firewall-bouncer -c /dev/null 2>&1 \| perl -ne 'm/cs-firewall-bouncer v(\d+(\.\d+)*)/ && print $1'`
			`register: crowdsec_fw_current_version`
			`changed_when: False`

			`- set_fact: crowdsec_fw_current_version={{ crowdsec_fw_current_version.stdout }}`
			`tags: crowdsec`

			`- name: Set install mode`
			`set_fact: crowdsec_fw_install_mode='install'`
			`when: not crowdsec_fw_bin.stat.exists`
			`tags: crowdsec`

			`- name: Set upgrade mode`
			`set_fact: crowdsec_fw_install_mode='upgrade'`
			`when:`
			`- crowdsec_fw_bin.stat.exists`
			`- crowdsec_fw_current_version != crowdsec_fw_version`
			`tags: crowdsec`