Commit Graph

62 Commits

Author SHA1 Message Date
Jérémy Lecour 13284645de
fail2ban: fix Ansible syntax
gitea/ansible-roles/pipeline/head There was a failure building this commit Details
2024-02-08 11:03:14 +01:00
William Hirigoyen cce7280cd0 fail2ban: add script unban_ip
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2682|3|2679|4|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/457//ansiblelint">Evolix » ansible-roles » unstable #457</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2024-01-24 15:24:42 +01:00
Jérémy Lecour bca5b9f28c
fail2ban: fix template marker 2024-01-11 17:46:49 +01:00
Ludovic Poujol 16bba8b469 fail2ban: add variable fail2ban_sshd_port to configure sshd port
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2614|6|2608|3|:-1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/311//ansiblelint">Evolix » ansible-roles » unstable #311</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-07-31 11:50:36 +02:00
Ludovic Poujol f50848917a fail2ban: Fix cron fail2ban_dbpurge (should be bash instead of sh)
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2598|5|2593|3|:-1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/293//ansiblelint">Evolix » ansible-roles » unstable #293</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-07-10 16:41:12 +02:00
Bruno TATU fb184a0ecf Set fail2ban_dbpurgeage_default variable for fail2ban
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2594|5|2589|6|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/284//ansiblelint">Evolix » ansible-roles » unstable #284</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-07-04 15:36:02 +02:00
Jérémy Lecour a6bac1f20b
change syntax "become: [yes,no]" → "become: [true,false]"
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2593|3|2590|23|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/280//ansiblelint">Evolix » ansible-roles » unstable #280</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-07-03 14:21:22 +02:00
Bruno TATU 18f160fb83 valeur que l'on propose par défaut
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2613|5|2608|7|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/279//ansiblelint">Evolix » ansible-roles » unstable #279</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-06-28 14:55:16 +02:00
Jérémy Lecour ee21973371 Use FQCN
Ansible Lint |Total|New|Outstanding|Fixed|Trend |:-:|:-:|:-:|:-:|:-: |2777|524|2253|2462|:+1: Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/223//ansiblelint">Evolix » ansible-roles » unstable #223</a> Details
gitea/ansible-roles/pipeline/head This commit looks good Details
Fully Qualified Collection Name
2023-03-20 23:33:19 +01:00
Jérémy Lecour 6f96f6b458 Use proper python Boolean 2023-03-16 14:38:32 +01:00
William Hirigoyen 31e90abe57 fail2ban: add 'Internal login failure' to Dovecot filter
gitea/ansible-roles/pipeline/head This commit looks good Details
2023-01-23 10:33:10 +01:00
Jérémy Lecour 7a0e0d81d6 Proper jinja spacing
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-12-28 09:03:37 +01:00
Ludovic Poujol 8ca237c5f7 fail2ban: Fix indent in tasks/fix-dbpurgeage.yml
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-12-27 14:47:55 +01:00
Bruno Tatu ae94f979a4 Merge branch 'unstable' of gitea.evolix.org:evolix/ansible-roles into unstable
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-12-14 17:53:20 +01:00
Bruno Tatu 6aac8933b8 Support dbpurgeage if is a number or a string 2022-12-14 17:53:10 +01:00
Jérémy Lecour 0622e9ff1e fix non-breaking spaces 2022-12-14 11:47:53 +01:00
Bruno Tatu 1acd2f63db on enlève bc 2022-12-14 09:50:16 +01:00
Bruno Tatu 4e7a46c9c3 Run VACUUM where there are enough space and always delete old IPs
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-12-12 11:02:31 +01:00
Bruno Tatu e415800508 Run if there are enough place
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-12-08 17:17:32 +01:00
Jérémy Lecour 6f04a41557 fail2ban: fix dovecot-evolix regex syntax
gitea/ansible-roles/pipeline/head This commit looks good Details
2022-09-15 09:48:34 +02:00
Bruno TATU e0c95b4c78 Ensure apply dbpurgeage from stretch and buster for fail2ban
continuous-integration/drone/push Build is passing Details
2022-07-08 11:26:00 +02:00
Ludovic Poujol 1e19418fb0 Fail2ban: Multiple changes & improvements :
continuous-integration/drone/push Build is passing Details
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
Jérémy Lecour 0fe0244116 Update Galaxy metadata (company, platforms and galaxy_tags) 2021-06-28 15:26:28 +02:00
Jérémy Lecour 2ed77c60f0 Improve Ansible syntax
replace « x | changed » by « x is changed »
add explicit « bool » filter
use « length » filter instead of string comparison
2021-05-09 23:06:42 +02:00
Jérémy Lecour 5138065059 Use 'loop' syntax instead of 'with_items' 2021-05-04 14:19:18 +02:00
Jérémy Lecour afa0fd35c8 Change default public SSH/SFTP port from 2222 to 22222
continuous-integration/drone/push Build is passing Details
2020-08-28 18:32:47 +02:00
Jérémy Lecour e2f5094835 trailing space 2020-04-11 12:31:41 +02:00
Benoît S. 1a7349ee3d fail2ban: For sshd jail, protect 2222 port too
2222 port is heavily attacked by bots like 22.
2019-03-22 11:39:20 +01:00
Jérémy Lecour aa28e9c1b8 change repositories URL 2019-03-21 15:31:58 +01:00
Patrick Marchand 59c479582e Adds ips tag to fail2ban/tasks/ip_whitelist.yml
You can already skip nginx and apache ip_whitelist tasks with this
tags, it makes sense for fail2ban to follow suite.
2019-01-10 17:03:14 -05:00
Jérémy Lecour df308b0396 fail2ban: fix "ignoreip" update 2019-01-09 16:44:16 +01:00
Jérémy Lecour 42ec5d62c8 whitespaces 2019-01-09 16:43:35 +01:00
Jérémy Lecour 06a0f0d9b7 apache/nginx/fail2ban: mention ip_whitelist.yml in README.md 2018-11-02 18:18:22 +01:00
Patrick Marchand b776fc3da2 Make ip whitelist tasks more flexible
Now the list of whitelisted ip addresses can be updated simply by
including the specific tasks in an external playbook without polluting
our role list.

This change takes effect for nginx, apache and fail2ban.
2018-11-02 18:08:23 +01:00
Jérémy Lecour 6077986204 fail2ban: fix typo in variable name 2018-08-23 16:48:50 +02:00
Jérémy Lecour 12c49ed93b fail2ban: add a variable to update the list of ignored IP addresses 2018-08-23 11:43:34 +02:00
Jérémy Lecour e939198159 fail2ban: add a variable to disable the ssh filter (default: False) 2018-08-23 09:16:33 +02:00
Jérémy Lecour 0869fb539a fail2ban: fix typo in jinja filters 2018-08-21 23:21:30 +02:00
Jérémy Lecour 012dabf657 fail2ban: fix fail2ban_ignore_ips definition
If the final variable is combined in the defaults file, it's component 
can be overridden, but the final variable can't be overriden.
2018-08-21 23:14:31 +02:00
Jérémy Lecour 8bd94a7c44 fail2ban: fix horrible typo, Python is not Ruby 2018-01-23 18:31:31 +01:00
Jérémy Lecour 25a5ffd6ef fail2ban: Install munin plugin if available 2018-01-18 23:17:20 +01:00
Jérémy Lecour aeba94bcba default/additional variables
List of hosts/ip are a combination of 2 lists allowing overrides
2017-12-20 18:04:54 +01:00
Jérémy Lecour 8ef9554746 Combine evolix and additional trusted IP addresses 2017-11-15 23:57:58 +01:00
Jérémy Lecour da3838e3e9 fail2ban: create config hierarchy beforehand 2017-11-15 11:46:53 +01:00
Victor LABORIE 206e2e8a0a fail2ban: add roundcube filter 2017-10-25 12:12:18 +02:00
Victor LABORIE 8f7004c977 fail2ban: install filter before package 2017-10-25 12:11:46 +02:00
Victor LABORIE 97e4abb37c fail2ban: add wordpress filters 2017-10-18 15:44:20 +02:00
Jérémy Lecour 030425d9f8 fail2ban: unindent notify attribute 2017-07-19 12:06:19 +02:00
Jérémy Lecour 4099d2a3a4 fail2ban: the local jail should not be overwritten 2017-07-19 11:55:04 +02:00
Jérémy Lecour 3b93ba0768 fail2ban: install local jail before starting 2017-07-19 11:39:38 +02:00