From c8fb6e4c80bfd55d0605f6b04a1936a9e0b3e096 Mon Sep 17 00:00:00 2001
From: Jose <joseraj@gmail.com>
Date: Sun, 1 Mar 2026 12:56:54 +0100
Subject: [PATCH] =?UTF-8?q?feat=20=E2=9C=A8:=20Add=20debug=20tasks=20for?=
 =?UTF-8?q?=20Proxmox=20firewall=20config=20path=20and=20contents?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This commit introduces new debug tasks to help diagnose issues related to the Proxmox firewall configuration path and its contents. These tasks will assist in verifying that the paths are correctly set up and that the necessary files are present.
---
 tasks/fail2ban.yml | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/tasks/fail2ban.yml b/tasks/fail2ban.yml
index 6179f38..4a39926 100644
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@@ -156,6 +156,13 @@
       }}
   when: pve_installed.stat.exists | default(false)
 
+- name: fail2ban | show firewall config path
+  ansible.builtin.debug:
+    msg: >
+      WARNING: Proxmox firewall config path is:
+      {{ pve_firewall_config}}
+  when: pve_firewall_config is defined
+
 #################################################
 # Detect firewall configuration
 #################################################
@@ -172,15 +179,19 @@
   register: fw_content
   when: fw_stat.stat.exists | default(false)
 
+- name: fail2ban | debug config contents
+  ansible.builtin.debug:
+    msg: >
+      {{ fw_content }}
+  when: not pve_firewall_enabled
+
 - name: fail2ban | Determine if firewall enabled
   ansible.builtin.set_fact:
     pve_firewall_enabled: >-
       {{
-        (fw_stat.stat.exists | default(false)) and
-        (
-          (fw_content.content | default('') | b64decode)
-          is search('enable:\s*1')
-        )
+        fw_stat.stat.exists and
+        (fw_content.content | b64decode)
+        is search('^enable:\s*1$', multiline=True)
       }}
 
 - name: fail2ban | Warn if firewall not enabled