Skip to content
Snippets Groups Projects
Select Git revision
  • master default
  • v0.9.2
  • v0.9
  • 2.1.0
  • 2.0.0
  • 1.2.0
  • 1.1.0
  • 1.0.0
  • 0.2.0
  • 0.1.0
10 results
Compare
Name Last commit Last update
defaults
files/filter.d
meta
molecule/default
tasks
templates
.ansible-lint
.gitignore
.gitlab-ci.yml
.yamllint
LICENSE
README.md
README.md

Ansible Debian Fail2ban Role

pipeline status

This repository contains an Ansible role for installing Fail2ban on Debian servers and configuring it to allow applications to send outgoing email nbut not accept incomming email.

To use this role you need to use Ansible Galaxy to install it into another repository under galaxy/roles/fail2ban by adding a requirements.yml file in that repo that contains:

---
- name: fail2ban
  src: https://git.coop/webarch/fail2ban.git
  version: master
  scm: git

And a ansible.cfg that contains:

[defaults]
retry_files_enabled = False
pipelining = True
inventory = hosts.yml
roles_path = galaxy/roles

And a .gitignore containing:

roles/galaxy

To pull this repo in run:

ansible-galaxy install -r requirements.yml --force

The other repo should also contain a fail2ban.yml file that contains:

---
- name: Install Fail2ban
  become: yes

  hosts:
    - fail2ban_servers

  roles:
    - fail2ban

And a hosts.yml file that contains lists of servers, for example:

---
all:
  children:
    fail2ban_servers:
      hosts:
        host3.example.org:
        host4.example.org:
        cloud.example.com:
        cloud.example.org:
        cloud.example.net:

Then it can be run as follows:

ansible-playbook fail2ban.yml

TODO

  • Add variables and documentation for configuring different services, WordPress, phpMyAdmin etc

Webarchitects | Forum | Status | SSH Fingerprints