infrastructure/ansible/roles/gateway/tasks/fail2ban.yml
Jake Howard a54d373526
Replace edge proxy with nginx
The config makes more sense, and it has more of the features I need, which will come later.
2021-08-22 22:35:09 +01:00

22 lines
510 B
YAML

- name: fail2ban filter
template:
src: files/nginx-fail2ban-filter.conf
dest: /etc/fail2ban/filter.d/nginx-tcp.conf
mode: "0600"
become: true
register: fail2ban_filter
- name: fail2ban jail
template:
src: files/nginx-fail2ban-jail.conf
dest: /etc/fail2ban/jail.d/nginx.conf
mode: "0600"
become: true
register: fail2ban_jail
- name: Restart fail2ban
service:
name: fail2ban
state: restarted
become: true
when: fail2ban_filter.changed or fail2ban_jail.changed