History

Patrick Marchand b776fc3da2 Make ip whitelist tasks more flexible Now the list of whitelisted ip addresses can be updated simply by including the specific tasks in an external playbook without polluting our role list. This change takes effect for nginx, apache and fail2ban.		2018-11-02 18:08:23 +01:00
..
defaults	fail2ban: add a variable to update the list of ignored IP addresses	2018-08-23 11:43:34 +02:00
files	fail2ban: add roundcube filter	2017-10-25 12:12:18 +02:00
handlers	fail2ban: Install munin plugin if available	2018-01-18 23:17:20 +01:00
meta	Ansible >= 2.2 supported	2017-03-24 14:15:09 +01:00
tasks	Make ip whitelist tasks more flexible	2018-11-02 18:08:23 +01:00
templates	fail2ban: fix typo in jinja filters	2018-08-21 23:21:30 +02:00
tests	Add tests for many roles	2017-05-18 15:44:21 +02:00
.kitchen.yml	Kitchen: Change base image to evolix/ansible	2017-06-02 08:38:08 -04:00
README.md	fail2ban: add a variable to update the list of ignored IP addresses	2018-08-23 11:43:34 +02:00

fail2ban

Install Fail2ban.

Tasks

Everything is in the tasks/main.yml file.

Main variables are :

general_alert_email: email address to send various alert messages (default: root@localhost).
fail2ban_alert_email: email address for messages sent to root (default: general_alert_email).
fail2ban_default_ignore_ips: default list of IPs to ignore (default: empty).
fail2ban_additional_ignore_ips: additional list of IPs to ignore (default: empty).
fail2ban_disable_ssh: if true, the "sshd" filter is disabled, otherwise nothing is done, not even enabling the filter (default: False).

The full list of variables (with default values) can be found in defaults/main.yml.