33 lines
662 B
YAML
33 lines
662 B
YAML
---
|
|
- name: Fail2ban | Install Fail2ban package
|
|
ansible.builtin.package:
|
|
name: fail2ban
|
|
state: present
|
|
become: true
|
|
|
|
- name: Fail2ban | Deploy jail.local configuration
|
|
ansible.builtin.copy:
|
|
dest: /etc/fail2ban/jail.local
|
|
mode: "0644"
|
|
owner: root
|
|
group: root
|
|
content: |
|
|
[DEFAULT]
|
|
bantime = 86400
|
|
findtime = 600
|
|
maxretry = 3
|
|
|
|
[sshd]
|
|
enabled = true
|
|
port = ssh
|
|
become: true
|
|
notify: Restart Fail2ban
|
|
|
|
- name: Fail2ban | Ensure service is started and enabled
|
|
ansible.builtin.service:
|
|
name: fail2ban
|
|
state: started
|
|
enabled: true
|
|
become: true
|
|
when: not ansible_check_mode
|