Ansible roles by Evolix

History

Jérémy Lecour 0fe0244116 continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details Update Galaxy metadata (company, platforms and galaxy_tags)		3 months ago
..
defaults	fail2ban: add a variable to update the list of ignored IP addresses	3 years ago
files	fail2ban: add roundcube filter	4 years ago
handlers	fail2ban: Install munin plugin if available	4 years ago
meta	Update Galaxy metadata (company, platforms and galaxy_tags)	3 months ago
tasks	Improve Ansible syntax	5 months ago
templates	Change default public SSH/SFTP port from 2222 to 22222	1 year ago
tests	Add tests for many roles	4 years ago
.kitchen.yml	Kitchen: Change base image to evolix/ansible	4 years ago
README.md	apache/nginx/fail2ban: mention ip_whitelist.yml in README.md	3 years ago

fail2ban

Install Fail2ban.

Tasks

Everything is in the tasks/main.yml file.

An ip_whitelist.yml standalone task file is available to update IP adresses whitelist without rolling the whole role.

Main variables are :

general_alert_email: email address to send various alert messages (default: root@localhost).
fail2ban_alert_email: email address for messages sent to root (default: general_alert_email).
fail2ban_default_ignore_ips: default list of IPs to ignore (default: empty).
fail2ban_additional_ignore_ips: additional list of IPs to ignore (default: empty).
fail2ban_disable_ssh: if true, the "sshd" filter is disabled, otherwise nothing is done, not even enabling the filter (default: False).

The full list of variables (with default values) can be found in defaults/main.yml.