ansible-roles/fail2ban
Ludovic Poujol 1e19418fb0
continuous-integration/drone/push Build is passing Details
Fail2ban: Multiple changes & improvements :
* Give the possibility to override jail.local (with fail2ban_override_jaillocal)
* If jail.local was overriden, add a warning
* Allow to tune some jail settings (maxretry, bantime, findtime) with ansible
* Allow to tune the default action with ansible
* Change default action to ban only (instead of ban + mail with whois report)
* Configure recidive jail (off by default) + extend dbpurgeage
2022-06-08 17:55:58 +02:00
..
defaults Fail2ban: Multiple changes & improvements : 2022-06-08 17:55:58 +02:00
files fail2ban: add roundcube filter 2017-10-25 12:12:18 +02:00
handlers fail2ban: Install munin plugin if available 2018-01-18 23:17:20 +01:00
meta Update Galaxy metadata (company, platforms and galaxy_tags) 2021-06-28 15:26:28 +02:00
tasks Fail2ban: Multiple changes & improvements : 2022-06-08 17:55:58 +02:00
templates Fail2ban: Multiple changes & improvements : 2022-06-08 17:55:58 +02:00
tests Add tests for many roles 2017-05-18 15:44:21 +02:00
.kitchen.yml Kitchen: Change base image to evolix/ansible 2017-06-02 08:38:08 -04:00
README.md apache/nginx/fail2ban: mention ip_whitelist.yml in README.md 2018-11-02 18:18:22 +01:00

README.md

fail2ban

Install Fail2ban.

Tasks

Everything is in the tasks/main.yml file.

An ip_whitelist.yml standalone task file is available to update IP adresses whitelist without rolling the whole role.

Available variables

Main variables are :

  • general_alert_email: email address to send various alert messages (default: root@localhost).
  • fail2ban_alert_email: email address for messages sent to root (default: general_alert_email).
  • fail2ban_default_ignore_ips: default list of IPs to ignore (default: empty).
  • fail2ban_additional_ignore_ips: additional list of IPs to ignore (default: empty).
  • fail2ban_disable_ssh: if true, the "sshd" filter is disabled, otherwise nothing is done, not even enabling the filter (default: False).

The full list of variables (with default values) can be found in defaults/main.yml.