infrastructure/ansible/roles/gateway/tasks/fail2ban.yml

28 lines
591 B
YAML
Raw Normal View History

- name: Install fail2ban
2020-10-16 19:15:52 +01:00
package:
name: fail2ban
become: true
- name: fail2ban filter
template:
src: files/haproxy-fail2ban-filter.conf
dest: /etc/fail2ban/filter.d/haproxy-basic.conf
2020-10-24 12:10:54 +01:00
mode: "0600"
become: true
register: fail2ban_filter
- name: fail2ban jail
template:
src: files/haproxy-fail2ban-jail.conf
dest: /etc/fail2ban/jail.d/haproxy.conf
2020-10-24 12:10:54 +01:00
mode: "0600"
become: true
register: fail2ban_jail
- name: Restart fail2ban
service:
2020-10-16 19:16:04 +01:00
name: fail2ban
state: restarted
become: true
when: fail2ban_filter.changed or fail2ban_jail.changed