Define firewalld service for fail2ban exporter:
  firewalld.service:
    - name: fail2ban_exporter
    - ports:
      - 9191/tcp

Addinge fail2ban exporter fw service:
  firewalld.present:
    - name: public
    - services:
      - fail2ban_exporter

create fail2ban-exporter container:
  cmd.run:
    - name: podman container create --name fail2ban-exporter -v /var/run/fail2ban:/var/run/fail2ban:ro -p 9191:9191 registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
    - unless: podman container exists fail2ban-exporter

create fail2ban-exporter container unit file:
  cmd.run:
    - name: podman generate systemd --name fail2ban-exporter > /etc/systemd/system/fail2ban-exporter.service
    - onchanges:
      - cmd: create fail2ban-exporter container

run daemon reload for fail2ban-exporter container unit file:
  cmd.run:
    - name: systemctl daemon-reload
    - onchanges:
      - cmd: create fail2ban-exporter container unit file

start fail2ban-exporter container:
  service.running:
    - name: fail2ban-exporter
    - enable: true
    - watch:
      - cmd: create fail2ban-exporter container unit file