Commit graph

16 commits

Author SHA1 Message Date
b6eca40ae0
Allow tailscale IP in more places 2024-02-07 18:21:16 +00:00
2af9f8529d
Fix new ansible-lint errors
All checks were successful
/ terraform (push) Successful in 46s
/ ansible (push) Successful in 1m53s
Quite a few changes here, hopefully they work!
2023-06-15 15:16:19 +01:00
edc5c325b7
Correctly check hostname against PVE hosts
Some of the hostnames have `-` in instead, which caused issues with the SSH config detecting which users to allow
2021-08-23 19:56:04 +01:00
ac186f42e0
Keep fewer fail2ban logs 2021-03-28 13:06:01 +01:00
6973fb536f
Add fail2ban for traefik
Remote action coming soon
2021-03-28 13:05:38 +01:00
5084bfecdf
Ignore PVE interface from f2b jails 2021-03-24 22:35:28 +00:00
e67e4565d3
Remove expose_ssh and support SSH listening on nebula and PVE
No more wireguard SSH for me
2021-03-24 22:19:29 +00:00
f7a0877e72
Exclude nebula from fail2ban 2021-02-14 11:39:01 +00:00
58879d2e1d
Ensure fail2ban and logrotate are available on all machines 2020-12-27 22:39:33 +00:00
2a4b3ec3e6
Increase timeout for SSH sessions
Stll check relatively often the client is still there, but check many times so the connection stays open a decent amount of time. Especially useful for long-running commands.
2020-11-08 22:04:30 +00:00
9c0682ef9b
Restrict SSH connections to wireguard cidr
Except on home server, still handy to connect on same network.
2020-07-12 17:53:02 +01:00
ceca641e2f
Remove deprecated options 2020-05-23 11:47:31 +01:00
c92f924faa
Harden host key 2020-05-23 11:45:53 +01:00
2fe6cf7c93
Install mobile key 2020-05-23 11:23:45 +01:00
09418cffb0
Provision SSH keys with ansible now 2020-05-23 11:04:50 +01:00
7e534e52e1
Merge SSH into base role 2020-05-23 10:58:09 +01:00