2024-03-19 18:09:56 +01:00
defaults fail2ban: add variable fail2ban_sshd_port to configure sshd port 2023-07-31 11:50:36 +02:00
files fail2ban: add script unban_ip 2024-01-24 15:24:42 +01:00
handlers Use FQCN 2023-03-20 23:33:19 +01:00
meta Update Galaxy metadata (company, platforms and galaxy_tags) 2021-06-28 15:26:28 +02:00
tasks fail2ban: fix Ansible syntax 2024-02-08 11:03:14 +01:00
templates fail2ban: SQLite purge script didn't vacuum as expected + error when vacuum cannot be done 2024-03-19 18:09:56 +01:00
tests change syntax "become: [yes,no]" → "become: [true,false]" 2023-07-03 14:21:22 +02:00
.kitchen.yml Kitchen: Change base image to evolix/ansible 2017-06-02 08:38:08 -04:00 apache/nginx/fail2ban: mention ip_whitelist.yml in 2018-11-02 18:18:22 +01:00


Install Fail2ban.


Everything is in the tasks/main.yml file.

An ip_whitelist.yml standalone task file is available to update IP adresses whitelist without rolling the whole role.

Available variables

Main variables are :

  • general_alert_email: email address to send various alert messages (default: root@localhost).
  • fail2ban_alert_email: email address for messages sent to root (default: general_alert_email).
  • fail2ban_default_ignore_ips: default list of IPs to ignore (default: empty).
  • fail2ban_additional_ignore_ips: additional list of IPs to ignore (default: empty).
  • fail2ban_disable_ssh: if true, the "sshd" filter is disabled, otherwise nothing is done, not even enabling the filter (default: False).

The full list of variables (with default values) can be found in defaults/main.yml.