6973fb536f
Add fail2ban for traefik
...
Remote action coming soon
2021-03-28 13:05:38 +01:00
5084bfecdf
Ignore PVE interface from f2b jails
2021-03-24 22:35:28 +00:00
e67e4565d3
Remove expose_ssh
and support SSH listening on nebula and PVE
...
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
f7a0877e72
Exclude nebula from fail2ban
2021-02-14 11:39:01 +00:00
58879d2e1d
Ensure fail2ban and logrotate are available on all machines
2020-12-27 22:39:33 +00:00
2a4b3ec3e6
Increase timeout for SSH sessions
...
Stll check relatively often the client is still there, but check many times so the connection stays open a decent amount of time. Especially useful for long-running commands.
2020-11-08 22:04:30 +00:00
9c0682ef9b
Restrict SSH connections to wireguard cidr
...
Except on home server, still handy to connect on same network.
2020-07-12 17:53:02 +01:00
ceca641e2f
Remove deprecated options
2020-05-23 11:47:31 +01:00
c92f924faa
Harden host key
2020-05-23 11:45:53 +01:00
2fe6cf7c93
Install mobile key
2020-05-23 11:23:45 +01:00
09418cffb0
Provision SSH keys with ansible now
2020-05-23 11:04:50 +01:00
7e534e52e1
Merge SSH into base role
2020-05-23 10:58:09 +01:00