ansible-roles/fail2ban
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
master
fail2ban/tasks/main.yml
vincent d20d88e1b9 create role fail2ban
2019-04-14 11:44:54 +02:00

37 lines
2.2 KiB
YAML
Raw Permalink Blame History

---
# tasks file for fail2ban
- name: Install fail2ban
pacman:
name:
- fail2ban
become: yes
- name: enable fail2ban
service:
name: fail2ban # required. Name of the service.
enabled: true # not required. Whether the service should start on boot. B(At least one of state and enabled are required.)
state: started # not required. choices: reloaded;restarted;started;stopped. C(started)/C(stopped) are idempotent actions that will not run commands unless necessary. C(restarted) will always bounce the service. C(reloaded) will always reload. B(At least one of state and enabled are required.) Note that reloaded will start the service if it is not already started, even if your chosen init system wouldn't normally.
become: yes
- name: copy custom config
copy:
dest: /etc/fail2ban/filter.d # required. Remote absolute path where the file should be copied to. If I(src) is a directory, this must be a directory too. If I(dest) is a nonexistent path and if either I(dest) ends with "/" or I(src) is a directory, I(dest) is created. If I(src) and I(dest) are files, the parent directory of I(dest) isn't created: the task fails if it doesn't already exist.
src: filter.d/ # not required. Local path to a file to copy to the remote server; can be absolute or relative. If path is a directory, it is copied recursively. In this case, if path ends with "/", only inside contents of that directory are copied to destination. Otherwise, if it does not end with "/", the directory itself with all contents is copied. This behavior is similar to Rsync.
become: yes
- name: apply jail sshd file
template:
dest: /etc/fail2ban/jail.d # required. Location to render the template to on the remote machine.
src: jail.d/sshd.local # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
notify: restart fail2ban
become: yes
- name: apply jail mail file
template:
dest: /etc/fail2ban/jail.d # required. Location to render the template to on the remote machine.
src: jail.d/mail.local # required. Path of a Jinja2 formatted template on the Ansible controller. This can be a relative or absolute path.
notify: restart fail2ban
become: yes
Reference in New Issue View Git Blame Copy Permalink