ansible-edda/playbooks/tasks/hosts/fail2ban.yml

38 lines
787 B
YAML
Raw Normal View History

2022-09-11 20:55:30 +02:00
- name: Install fail2ban
apt:
name: fail2ban
- name: Configure fail2ban
template:
2022-09-21 23:57:15 +02:00
src: ./filesystem/common/etc/fail2ban/jail.local.j2
2022-09-11 20:55:30 +02:00
dest: /etc/fail2ban/jail.local
mode: 0644
register: fail2ban_conf
- name: Configure fail2ban sshd jail
template:
2022-09-21 23:57:15 +02:00
src: ./filesystem/common/etc/fail2ban/jail.d/sshd.local.j2
2022-09-11 20:55:30 +02:00
dest: /etc/fail2ban/jail.d/sshd.local
mode: 0644
register: fail2ban_sshd_jail
- name: Enable fail2ban
2022-09-11 20:55:30 +02:00
systemd:
name: fail2ban
enabled: yes
- name: Start fail2ban
systemd:
name: fail2ban
state: started
register: fail2ban_start
2022-09-11 20:55:30 +02:00
- name: Restart fail2ban
systemd:
name: fail2ban
state: restarted
when:
(fail2ban_conf is changed or
fail2ban_sshd_jail is changed) and
fail2ban_start is not changed