36 lines
814 B
YAML
36 lines
814 B
YAML
- name: Ensure fail2ban directories exist
|
|
file:
|
|
path: "/etc/fail2ban/{{ item }}"
|
|
state: directory
|
|
mode: '0755'
|
|
loop:
|
|
- ""
|
|
- jail.d
|
|
- filter.d
|
|
|
|
- name: Remove obsolete grafana fail2ban configs
|
|
file:
|
|
path: "/etc/fail2ban/{{ item }}"
|
|
state: absent
|
|
loop:
|
|
- jail.d/grafana.conf
|
|
- filter.d/grafana-auth.conf
|
|
notify: Reload fail2ban
|
|
|
|
- name: Deploy fail2ban jail.local
|
|
template:
|
|
src: jail.local.j2
|
|
dest: /etc/fail2ban/jail.local
|
|
mode: '0644'
|
|
notify: Reload fail2ban
|
|
|
|
- name: Copy fail2ban jail and filter configs
|
|
copy:
|
|
src: "{{ item }}"
|
|
dest: "/etc/fail2ban/{{ item | regex_replace('^.*/files/', '') }}"
|
|
mode: '0644'
|
|
with_fileglob:
|
|
- "{{ role_path }}/files/jail.d/*"
|
|
- "{{ role_path }}/files/filter.d/*"
|
|
notify: Reload fail2ban
|
|
|