ajout du firewall et fail2ban

roles/auth/handlers/main.yml

@@ -0,0 +1,18 @@
+---
+- name: restart prosody
+  systemd:
+    name: prosody
+    state: restarted
+    enabled: true
+
+- name: restart jicofo
+  systemd:
+    name: jicofo
+    state: restarted
+    enabled: true
+
+- name: restart jitsi-videobridge2
+  systemd:
+    name: jitsi-videobridge2
+    state: restarted
+    enabled: true

roles/auth/tasks/main.yml

@@ -4,6 +4,8 @@
     path: /etc/prosody/conf.d/{{ inventory_hostname }}.cfg.lua
     regexp: 'authentication = "anonymous"'
     replace: 'authentication = "internal_plain"'
+  notify:
+    - restart prosody
 
 - name:  Conf Jitsi - Activation de l'authentification prosody 2/2
   blockinfile:
@@ -13,27 +15,26 @@
       VirtualHost "guest.{{ inventory_hostname }}"
           authentication = "anonymous"
           c2s_require_encryption = false
+  notify:
+    - restart prosody
 
 - name: Conf Jitsi - Activation de l'authentification jitsi
   lineinfile:
     path: /etc/jitsi/meet/{{ inventory_hostname }}-config.js
     insertafter: "[^?]// anonymousdomain: 'guest.example.com'"
     line: "        anonymousdomain: 'guest.{{ inventory_hostname }}',"
+  notify:
+    - restart jitsi-videobridge2
 
 - name: Conf Jitsi - Activation de l'authentification jicofo
   lineinfile:
     path: /etc/jitsi/jicofo/sip-communicator.properties
     insertafter: "^org.jitsi.jicofo.BRIDGE_MUC=*"
     line: "org.jitsi.jicofo.auth.URL=XMPP:{{ inventory_hostname }}"
+  notify:
+    - restart jicofo
 
 - name: Conf Jitsi - Création de l'utilisateur prosody
-  shell: prosodyctl register {{ jitsi_user }} {{ inventory_hostname }} {{ jitsi_pass }}
-
-- name: Redémarrage des services
-  systemd:
-    name: '{{ item }}.service'
-    state: restarted
-  with_items:
-    - prosody
-    - jicofo
-    - jitsi-videobridge2
+  command: prosodyctl register {{ jitsi_user }} {{ inventory_hostname }} {{ jitsi_pass }}
+  notify:
+    - restart prosody