2016-11-07 14:00:57 +01:00
|
|
|
# fail2ban
|
|
|
|
|
|
|
|
|
|
Install Fail2ban.
|
|
|
|
|
|
|
|
|
|
## Tasks
|
|
|
|
|
|
|
|
|
|
Everything is in the `tasks/main.yml` file.
|
|
|
|
|
|
2018-11-02 18:18:22 +01:00
|
|
|
An `ip_whitelist.yml` standalone task file is available to update IP adresses whitelist without rolling the whole role.
|
|
|
|
|
|
2016-11-07 14:00:57 +01:00
|
|
|
## Available variables
|
|
|
|
|
|
|
|
|
|
Main variables are :
|
|
|
|
|
|
|
|
|
|
* `general_alert_email`: email address to send various alert messages (default: `root@localhost`).
|
|
|
|
|
* `fail2ban_alert_email`: email address for messages sent to root (default: `general_alert_email`).
|
2018-08-23 11:24:11 +02:00
|
|
|
* `fail2ban_default_ignore_ips`: default list of IPs to ignore (default: empty).
|
|
|
|
|
* `fail2ban_additional_ignore_ips`: additional list of IPs to ignore (default: empty).
|
2018-08-23 09:16:33 +02:00
|
|
|
* `fail2ban_disable_ssh`: if true, the "sshd" filter is disabled, otherwise nothing is done, not even enabling the filter (default: `False`).
|
2016-11-07 14:00:57 +01:00
|
|
|
|
|
|
|
|
The full list of variables (with default values) can be found in `defaults/main.yml`.
|
