The behaviour of the `include` module is badly defined (it try to choose
between statically importing the tasks and dynamically including them)
and can cause problems depending on any number of constraints (mostly if
it choose the wrong behaviour).
Replace it with the `import_tasks` (always statically import tasks) unless
the `include` is in a loop in which case we replace it with
`include_tasks` (always dynamically include tasks).
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
Now the list of whitelisted ip addresses can be updated simply by
including the specific tasks in an external playbook without polluting
our role list.
This change takes effect for nginx, apache and fail2ban.