Ludovic Poujol
f50848917a
fail2ban: Fix cron fail2ban_dbpurge (should be bash instead of sh)
2023-07-10 16:41:12 +02:00
Bruno TATU
fb184a0ecf
Set fail2ban_dbpurgeage_default variable for fail2ban
2023-07-04 15:36:02 +02:00
Jérémy Lecour
a6bac1f20b
change syntax "become: [yes,no]" → "become: [true,false]"
2023-07-03 14:21:22 +02:00
Bruno TATU
18f160fb83
valeur que l'on propose par défaut
2023-06-28 14:55:16 +02:00
Jérémy Lecour
ee21973371
Use FQCN
...
Fully Qualified Collection Name
2023-03-20 23:33:19 +01:00
Jérémy Lecour
6f96f6b458
Use proper python Boolean
2023-03-16 14:38:32 +01:00
William Hirigoyen
31e90abe57
fail2ban: add 'Internal login failure' to Dovecot filter
2023-01-23 10:33:10 +01:00
Jérémy Lecour
7a0e0d81d6
Proper jinja spacing
2022-12-28 09:03:37 +01:00
Ludovic Poujol
8ca237c5f7
fail2ban: Fix indent in tasks/fix-dbpurgeage.yml
2022-12-27 14:47:55 +01:00
Bruno Tatu
ae94f979a4
Merge branch 'unstable' of gitea.evolix.org:evolix/ansible-roles into unstable
2022-12-14 17:53:20 +01:00
Bruno Tatu
6aac8933b8
Support dbpurgeage if is a number or a string
2022-12-14 17:53:10 +01:00
Jérémy Lecour
0622e9ff1e
fix non-breaking spaces
2022-12-14 11:47:53 +01:00
Bruno Tatu
1acd2f63db
on enlève bc
2022-12-14 09:50:16 +01:00
Bruno Tatu
4e7a46c9c3
Run VACUUM where there are enough space and always delete old IPs
2022-12-12 11:02:31 +01:00
Bruno Tatu
e415800508
Run if there are enough place
2022-12-08 17:17:32 +01:00
Jérémy Lecour
6f04a41557
fail2ban: fix dovecot-evolix regex syntax
2022-09-15 09:48:34 +02:00
Bruno TATU
e0c95b4c78
Ensure apply dbpurgeage from stretch and buster for fail2ban
2022-07-08 11:26:00 +02:00
Ludovic Poujol
1e19418fb0
Fail2ban: Multiple changes & improvements :
...
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
Jérémy Lecour
0fe0244116
Update Galaxy metadata (company, platforms and galaxy_tags)
2021-06-28 15:26:28 +02:00
Jérémy Lecour
2ed77c60f0
Improve Ansible syntax
...
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
2021-05-09 23:06:42 +02:00
Jérémy Lecour
5138065059
Use 'loop' syntax instead of 'with_items'
2021-05-04 14:19:18 +02:00
Jérémy Lecour
afa0fd35c8
Change default public SSH/SFTP port from 2222 to 22222
2020-08-28 18:32:47 +02:00
Jérémy Lecour
e2f5094835
trailing space
2020-04-11 12:31:41 +02:00
Benoît S.
1a7349ee3d
fail2ban: For sshd jail, protect 2222 port too
...
2222 port is heavily attacked by bots like 22.
2019-03-22 11:39:20 +01:00
Jérémy Lecour
aa28e9c1b8
change repositories URL
2019-03-21 15:31:58 +01:00
Patrick Marchand
59c479582e
Adds ips tag to fail2ban/tasks/ip_whitelist.yml
...
You can already skip nginx and apache ip_whitelist tasks with this
tags, it makes sense for fail2ban to follow suite.
2019-01-10 17:03:14 -05:00
Jérémy Lecour
df308b0396
fail2ban: fix "ignoreip" update
2019-01-09 16:44:16 +01:00
Jérémy Lecour
42ec5d62c8
whitespaces
2019-01-09 16:43:35 +01:00
Jérémy Lecour
06a0f0d9b7
apache/nginx/fail2ban: mention ip_whitelist.yml in README.md
2018-11-02 18:18:22 +01:00
Patrick Marchand
b776fc3da2
Make ip whitelist tasks more flexible
...
Now the list of whitelisted ip addresses can be updated simply by
including the specific tasks in an external playbook without polluting
our role list.
This change takes effect for nginx, apache and fail2ban.
2018-11-02 18:08:23 +01:00
Jérémy Lecour
6077986204
fail2ban: fix typo in variable name
2018-08-23 16:48:50 +02:00
Jérémy Lecour
12c49ed93b
fail2ban: add a variable to update the list of ignored IP addresses
2018-08-23 11:43:34 +02:00
Jérémy Lecour
e939198159
fail2ban: add a variable to disable the ssh filter (default: False)
2018-08-23 09:16:33 +02:00
Jérémy Lecour
0869fb539a
fail2ban: fix typo in jinja filters
2018-08-21 23:21:30 +02:00
Jérémy Lecour
012dabf657
fail2ban: fix fail2ban_ignore_ips definition
...
If the final variable is combined in the defaults file, it's component
can be overridden, but the final variable can't be overriden.
2018-08-21 23:14:31 +02:00
Jérémy Lecour
8bd94a7c44
fail2ban: fix horrible typo, Python is not Ruby
2018-01-23 18:31:31 +01:00
Jérémy Lecour
25a5ffd6ef
fail2ban: Install munin plugin if available
2018-01-18 23:17:20 +01:00
Jérémy Lecour
aeba94bcba
default/additional variables
...
List of hosts/ip are a combination of 2 lists allowing overrides
2017-12-20 18:04:54 +01:00
Jérémy Lecour
8ef9554746
Combine evolix and additional trusted IP addresses
2017-11-15 23:57:58 +01:00
Jérémy Lecour
da3838e3e9
fail2ban: create config hierarchy beforehand
2017-11-15 11:46:53 +01:00
Victor LABORIE
206e2e8a0a
fail2ban: add roundcube filter
2017-10-25 12:12:18 +02:00
Victor LABORIE
8f7004c977
fail2ban: install filter before package
2017-10-25 12:11:46 +02:00
Victor LABORIE
97e4abb37c
fail2ban: add wordpress filters
2017-10-18 15:44:20 +02:00
Jérémy Lecour
030425d9f8
fail2ban: unindent notify attribute
2017-07-19 12:06:19 +02:00
Jérémy Lecour
4099d2a3a4
fail2ban: the local jail should not be overwritten
2017-07-19 11:55:04 +02:00
Jérémy Lecour
3b93ba0768
fail2ban: install local jail before starting
2017-07-19 11:39:38 +02:00
Jérémy Lecour
2077af2992
fail2ban: change ips variables
2017-07-19 11:39:09 +02:00
Jérémy Lecour
3c2656b531
fail2ban doesn't seem to like line breaks
2017-07-12 13:48:54 +02:00
Victor LABORIE
6c6723ea30
fail2ban: fix ignoreip
2017-07-05 12:07:22 +02:00
Victor LABORIE
8d4c1f4af5
fail2ban: custom ignoreip + add tags
2017-07-05 12:01:07 +02:00