Fix Bookworm sshd jail by installing python3-systemd

CHANGELOG.md

@@ -6,6 +6,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+### Fixed
+- [Fail2ban] Fix Bookworm sshd jail by installing python3-systemd
 
 ## [4.2.1] - 2024-09-17
 ### Fixed

molecule/fail2ban/converge.yml

@@ -14,8 +14,6 @@
             name: manala.roles.fail2ban
           vars:
             manala_fail2ban_config: |
-              [ssh]
-              enabled = false
               [sshd]
               enabled = false
       always:

molecule/fail2ban/goss/default.yaml.j2

@@ -3,6 +3,13 @@
 package:
   fail2ban:
     installed: true
+  # See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770171
+  python3-systemd:
+{% if ansible_facts.distribution_release in ['bookworm'] %}
+    installed: true
+{% else %}
+    installed: false
+{% endif %}
 
 service:
   fail2ban:

roles/fail2ban/tasks/install.yaml

@@ -7,4 +7,12 @@
     update_cache: true
     cache_valid_time: 3600
   loop:
-    - "{{ manala_fail2ban_install_packages | default(manala_fail2ban_install_packages_default, True) }}"
+    # See: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770171
+    - |
+      {{
+        manala_fail2ban_install_packages | default(manala_fail2ban_install_packages_default, True)
+        + (ansible_facts.distribution_release in ['bookworm']) | ternary(
+            ['python3-systemd'],
+            []
+        )
+      }}