Debian 12 deploy fixes
This commit is contained in:
parent
cf0aaef4ee
commit
9b57350d92
@ -8,6 +8,27 @@ ignoreip = 127.0.0.1/8 ::1 {{ system_base_fail2ban_ignoreip }}
|
|||||||
# "bantime" is the number of seconds that a host is banned.
|
# "bantime" is the number of seconds that a host is banned.
|
||||||
bantime = 1d
|
bantime = 1d
|
||||||
|
|
||||||
|
# "backend" specifies the backend used to get files modification.
|
||||||
|
# Available options are "pyinotify", "gamin", "polling", "systemd" and "auto".
|
||||||
|
# This option can be overridden in each jail as well.
|
||||||
|
#
|
||||||
|
# pyinotify: requires pyinotify (a file alteration monitor) to be installed.
|
||||||
|
# If pyinotify is not installed, Fail2ban will use auto.
|
||||||
|
# gamin: requires Gamin (a file alteration monitor) to be installed.
|
||||||
|
# If Gamin is not installed, Fail2ban will use auto.
|
||||||
|
# polling: uses a polling algorithm which does not require external libraries.
|
||||||
|
# systemd: uses systemd python library to access the systemd journal.
|
||||||
|
# Specifying "logpath" is not valid for this backend.
|
||||||
|
# See "journalmatch" in the jails associated filter config
|
||||||
|
# auto: will try to use the following backends, in order:
|
||||||
|
# pyinotify, gamin, polling.
|
||||||
|
#
|
||||||
|
# Note: if systemd backend is chosen as the default but you enable a jail
|
||||||
|
# for which logs are present only in its own log files, specify some other
|
||||||
|
# backend for that jail (e.g. polling) and provide empty value for
|
||||||
|
# journalmatch. See https://github.com/fail2ban/fail2ban/issues/959#issuecomment-74901200
|
||||||
|
backend = systemd
|
||||||
|
|
||||||
# Destination email address used solely for the interpolations in jail.{conf,local,d/*}
|
# Destination email address used solely for the interpolations in jail.{conf,local,d/*}
|
||||||
# configuration files.
|
# configuration files.
|
||||||
destemail = root
|
destemail = root
|
||||||
|
|||||||
@ -4,10 +4,9 @@
|
|||||||
name:
|
name:
|
||||||
- "dnsmasq"
|
- "dnsmasq"
|
||||||
- "libvirt-daemon-system"
|
- "libvirt-daemon-system"
|
||||||
- "netcat"
|
- "netcat-openbsd"
|
||||||
- "qemu-system"
|
- "qemu-system"
|
||||||
install_recommends: false
|
install_recommends: false
|
||||||
register: system_extra_libvirt_install
|
|
||||||
|
|
||||||
- name: "install zfs storage driver for libvirt"
|
- name: "install zfs storage driver for libvirt"
|
||||||
ansible.builtin.apt:
|
ansible.builtin.apt:
|
||||||
@ -15,29 +14,12 @@
|
|||||||
- "libvirt-daemon-driver-storage-zfs"
|
- "libvirt-daemon-driver-storage-zfs"
|
||||||
when:
|
when:
|
||||||
system_extra_libvirt_install_zfs_driver
|
system_extra_libvirt_install_zfs_driver
|
||||||
register: system_extra_libvirt_zfs_driver
|
|
||||||
|
|
||||||
- name: "enable libvirtd"
|
- name: "enable libvirtd"
|
||||||
ansible.builtin.systemd:
|
ansible.builtin.systemd:
|
||||||
name: "libvirtd"
|
name: "libvirtd"
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
- name: "start libvirtd"
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: "libvirtd"
|
|
||||||
state: "started"
|
|
||||||
register: system_extra_libvirt_start
|
|
||||||
|
|
||||||
- name: "restart libvirtd"
|
|
||||||
ansible.builtin.systemd:
|
|
||||||
name: "libvirtd"
|
|
||||||
state: "restarted"
|
|
||||||
when:
|
|
||||||
(system_extra_libvirt_install.changed or
|
|
||||||
(system_extra_libvirt_zfs_driver is defined and
|
|
||||||
system_extra_libvirt_zfs_driver.changed)) and
|
|
||||||
not system_extra_libvirt_start.changed
|
|
||||||
|
|
||||||
- name: "add {{ system_extra_libvirt_user_name }} to group \"libvirt\""
|
- name: "add {{ system_extra_libvirt_user_name }} to group \"libvirt\""
|
||||||
ansible.builtin.user:
|
ansible.builtin.user:
|
||||||
name: "{{ system_extra_libvirt_user_name }}"
|
name: "{{ system_extra_libvirt_user_name }}"
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user