initial commit
This commit is contained in:
hiperman
@@ -0,0 +1,39 @@
|
||||
---
|
||||
|
||||
- name: Gather installed packages for checks later on
|
||||
ansible.builtin.package_facts:
|
||||
manager: "auto"
|
||||
|
||||
- name: Warn if fail2ban is not installed
|
||||
ansible.builtin.fail:
|
||||
msg: "the package fail2ban is not installed. no fail2ban filters deployed."
|
||||
when: "'fail2ban' not in ansible_facts.packages"
|
||||
failed_when: false
|
||||
|
||||
- name: Install fail2ban filter
|
||||
become: true
|
||||
ansible.builtin.template:
|
||||
src: fail2ban/filter.conf.j2
|
||||
dest: /etc/fail2ban/filter.d/gitea.local
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0444"
|
||||
notify: "Restart fail2ban"
|
||||
when: "'fail2ban' in ansible_facts.packages"
|
||||
|
||||
- name: Install fail2ban jail for logins over HTTP(S)
|
||||
become: true
|
||||
vars:
|
||||
gitea_fail2ban_filter: gitea
|
||||
gitea_fail2ban_port: "http,https,{{ gitea_ssh_port }}"
|
||||
gitea_fail2ban_jail_name: gitea-docker
|
||||
ansible.builtin.template:
|
||||
src: fail2ban/jail.conf.j2
|
||||
dest: /etc/fail2ban/jail.d/gitea.local
|
||||
owner: root
|
||||
group: root
|
||||
mode: "0444"
|
||||
notify: "Restart fail2ban"
|
||||
when: "'fail2ban' in ansible_facts.packages"
|
||||
|
||||
|
||||
Reference in New Issue
Block a user