blob: b0edb6e1fa7111ecec243cefc8e46688053706fa (
plain) (
tree)
|
|
# =========================================================================== #
# __ ____ _ _____ __
# _________ / /__ / __/___ _(_) /__ \ / /_ ____ _____
# / ___/ __ \/ / _ \ / /_/ __ `/ / /__/ // __ \/ __ `/ __ \
# / / / /_/ / / __/ / __/ /_/ / / // __// /_/ / /_/ / / / /
# /_/ \____/_/\___(_) /_/ \__,_/_/_//____/_.___/\__,_/_/ /_/
#
# =========================================================================== #
---
- name: Check installation of fail2ban
package:
name: fail2ban
state: present
- name: Check existence of fail2ban config file -- jail.local
stat:
path: /etc/fail2ban/jail.local
register: stat_result
- name: Backing up ancient fail2ban config file -- jail.local.backup
shell: cp /etc/fail2ban/jail.local /etc/fail2ban/jail.local.backup
when: stat_result.stat.exists
- name: Copy fail2ban :: jail.local
copy:
src: jail.local
dest: /etc/fail2ban/
owner: root
group: root
mode: "0644"
- name: Copy fail2ban :: path-defaults.conf
copy:
src: jail.local
dest: /etc/fail2ban/
owner: root
group: root
mode: "0644"
- name: Copy fail2ban :: path-defaults.conf
copy:
src: jail.local
dest: /etc/fail2ban/
owner: root
group: root
mode: "0644"
- name: Copy fail2ban :: jail-sshd.conf
copy:
src: jail-sshd.conf
dest: /etc/fail2ban/jail.d
owner: root
group: root
mode: "0644"
- name: Copy fail2ban :: jail-lighttpd.conf
copy:
src: jail-lighttpd.conf
dest: /etc/fail2ban/jail.d
owner: root
group: root
mode: "0644"
when: inventory_hostname in groups["server-web"]
- name: Restart fail2ban service
systemd:
name: fail2ban
enabled: yes
state: restarted
|
