54 lines
1.4 KiB
YAML
54 lines
1.4 KiB
YAML
---
|
|
# tasks file for fail2ban
|
|
|
|
- name: Supprimer la configuration de Debian
|
|
ansible.builtin.file:
|
|
state: absent
|
|
path: /etc/fail2ban/jail.d/defaults-debian.conf
|
|
become: true
|
|
notify: Redémarrer fail2ban.service
|
|
|
|
- name: Déployer la configuration contre la récidive
|
|
ansible.builtin.template:
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
src: recidive.conf.j2
|
|
dest: /etc/fail2ban/fail2ban.d/recidive.conf
|
|
become: true
|
|
notify: Redémarrer fail2ban.service
|
|
|
|
- name: Déployer la configuration de base
|
|
ansible.builtin.template:
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
src: 01-base.conf.j2
|
|
dest: /etc/fail2ban/jail.d/01-base.conf
|
|
become: true
|
|
notify: Redémarrer fail2ban.service
|
|
|
|
- name: Construire la liste des templates à déployer
|
|
ansible.builtin.set_fact:
|
|
fail2ban_templates: "{{ fail2ban_templates + specific }}"
|
|
when: specific | length > 0
|
|
loop: "{{ lookup('ansible.builtin.varnames', '^fail2ban_templates_.+', wantlist=True) }}"
|
|
vars:
|
|
specific: "{{ lookup('ansible.builtin.vars', item, default='') }}"
|
|
|
|
- name: Déployer les fichiers de configuration
|
|
ansible.builtin.template:
|
|
owner: root
|
|
group: root
|
|
mode: u=rw,g=,o=
|
|
src: "{{ item.src }}"
|
|
dest: "{{ item.dest }}"
|
|
when:
|
|
- fail2ban_templates | length > 0
|
|
- item.src is exists
|
|
loop: "{{ fail2ban_templates }}"
|
|
loop_control:
|
|
label: "{{ item.dest }}"
|
|
become: true
|
|
notify: Redémarrer fail2ban.service
|