Compare commits
1 commit
stable
...
whitelisti
Author | SHA1 | Date | |
---|---|---|---|
3bcc357509 |
|
@ -10,14 +10,9 @@
|
|||
force: no
|
||||
tags:
|
||||
- apache
|
||||
|
||||
- name: add IP addresses to private IP whitelist
|
||||
lineinfile:
|
||||
dest: /etc/apache2/ipaddr_whitelist.conf
|
||||
line: "Require ip {{ item }}"
|
||||
state: present
|
||||
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
||||
notify: reload apache
|
||||
|
||||
- name: Load IP whitelist task
|
||||
include: ip_whitelist.yml
|
||||
tags:
|
||||
- apache
|
||||
|
||||
|
|
10
apache/tasks/ip_whitelist.yml
Normal file
10
apache/tasks/ip_whitelist.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- name: add IP addresses to private IP whitelist
|
||||
lineinfile:
|
||||
dest: /etc/apache2/ipaddr_whitelist.conf
|
||||
line: "Require ip {{ item }}"
|
||||
state: present
|
||||
with_items: "{{ apache_ipaddr_whitelist_present }}"
|
||||
notify: reload apache
|
||||
tags:
|
||||
- apache
|
10
fail2ban/tasks/ip_whitelist.yml
Normal file
10
fail2ban/tasks/ip_whitelist.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- name: Update ignoreips lists
|
||||
ini_file:
|
||||
dest: /etc/fail2ban/jail.local
|
||||
section: "[DEFAULT]"
|
||||
option: "ignoreips"
|
||||
value: "{{ fail2ban_ignore_ips | join(' ') }}"
|
||||
notify: restart fail2ban
|
||||
tags:
|
||||
- fail2ban
|
|
@ -28,13 +28,8 @@
|
|||
tags:
|
||||
- fail2ban
|
||||
|
||||
- name: update ignoreips lists
|
||||
ini_file:
|
||||
dest: /etc/fail2ban/jail.local
|
||||
section: "[DEFAULT]"
|
||||
option: "ignoreips"
|
||||
value: "{{ fail2ban_ignore_ips | join(' ') }}"
|
||||
notify: restart fail2ban
|
||||
- name: Include ignoredips update task
|
||||
include: ip_whitelist.yml
|
||||
when: fail2ban_force_update_ignore_ips
|
||||
tags:
|
||||
- fail2ban
|
||||
|
|
10
nginx/tasks/ip_whitelist.yml
Normal file
10
nginx/tasks/ip_whitelist.yml
Normal file
|
@ -0,0 +1,10 @@
|
|||
---
|
||||
- name: add IP addresses to private IP whitelist
|
||||
lineinfile:
|
||||
dest: /etc/nginx/snippets/ipaddr_whitelist
|
||||
line: "allow {{ item }};"
|
||||
state: present
|
||||
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
||||
notify: reload nginx
|
||||
tags
|
||||
- nginx
|
|
@ -49,14 +49,9 @@
|
|||
notify: reload nginx
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
- name: add IP addresses to private IP whitelist
|
||||
lineinfile:
|
||||
dest: /etc/nginx/snippets/ipaddr_whitelist
|
||||
line: "allow {{ item }};"
|
||||
state: present
|
||||
with_items: "{{ nginx_ipaddr_whitelist_present }}"
|
||||
notify: reload nginx
|
||||
|
||||
- name: Include IP address whitelist task
|
||||
include: ip_whitelist.yml
|
||||
tags:
|
||||
- nginx
|
||||
|
||||
|
|
Loading…
Reference in a new issue