40 lines
725 B
YAML
40 lines
725 B
YAML
---
|
|
# tasks file for fail2ban
|
|
- name: Instalação fail2ban
|
|
become: true
|
|
apt:
|
|
name:
|
|
- fail2ban
|
|
state: present
|
|
update_cache: yes
|
|
cache_valid_time: 86400
|
|
force_apt_get: yes
|
|
|
|
- name: Apply fail2ban default config
|
|
become: true
|
|
template:
|
|
src: default.j2
|
|
dest: /etc/fail2ban/jail.d/00-default.conf
|
|
mode: 0644
|
|
notify:
|
|
- reload fail2ban
|
|
|
|
- name: Copy fail2ban jails
|
|
become: true
|
|
copy:
|
|
src: '{{ item }}'
|
|
dest: /etc/fail2ban/jail.d/{{ item }}.conf
|
|
mode: 0644
|
|
with_items:
|
|
- recidive
|
|
- ssh
|
|
notify:
|
|
- reload fail2ban
|
|
|
|
- name: Start service fail2ban, if not started
|
|
become: true
|
|
service:
|
|
name: fail2ban.service
|
|
state: started
|
|
enabled: yes
|