2024-03-20 13:45:58 +01:00
|
|
|
---
|
|
|
|
|
- name: Install fail2ban
|
|
|
|
|
ansible.builtin.apt:
|
2024-03-24 22:12:56 +01:00
|
|
|
name: fail2ban
|
2024-03-20 13:45:58 +01:00
|
|
|
state: latest
|
2024-03-22 23:47:35 +01:00
|
|
|
when: ansible_facts['os_family'] == "Debian"
|
|
|
|
|
|
|
|
|
|
- name: Install fail2ban
|
|
|
|
|
ansible.builtin.dnf:
|
2024-03-24 22:12:56 +01:00
|
|
|
name: fail2ban
|
2024-03-22 23:47:35 +01:00
|
|
|
state: latest
|
|
|
|
|
when: ansible_facts['os_family'] == "RedHat"
|
2024-03-20 13:45:58 +01:00
|
|
|
|
|
|
|
|
- name: Copy sshd.conf
|
2024-03-22 23:47:35 +01:00
|
|
|
ansible.builtin.template:
|
2024-03-24 22:12:56 +01:00
|
|
|
src: sshd.conf.j2
|
|
|
|
|
dest: /etc/fail2ban/jail.d/sshd.conf
|
2024-03-20 13:45:58 +01:00
|
|
|
mode: "0640"
|
|
|
|
|
notify:
|
|
|
|
|
- Restart fail2ban
|
|
|
|
|
|
|
|
|
|
- name: Start fail2ban.service
|
|
|
|
|
ansible.builtin.systemd:
|
|
|
|
|
state: started
|
|
|
|
|
name: fail2ban.service
|
|
|
|
|
enabled: true
|
