diff --git a/host_vars/.template b/host_vars/.template index 5bca599..b15de0b 100644 --- a/host_vars/.template +++ b/host_vars/.template @@ -5,6 +5,9 @@ subnet: ethx: is_zfs: +# Fail2ban variable: +fail2ban_ignoreip: + # Postfix variables postfix_smtp_pass: diff --git a/playbooks/filesystem/common/etc/fail2ban/jail.local.j2 b/playbooks/filesystem/common/etc/fail2ban/jail.local.j2 index 21a8d90..150ec17 100644 --- a/playbooks/filesystem/common/etc/fail2ban/jail.local.j2 +++ b/playbooks/filesystem/common/etc/fail2ban/jail.local.j2 @@ -3,7 +3,7 @@ # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. -ignoreip = 127.0.0.1/8 ::1 {{ subnet }} +ignoreip = 127.0.0.1/8 ::1 {{ fail2ban_ignoreip }} # "bantime" is the number of seconds that a host is banned. bantime = 1d