
# =========================================================================== #
#                   __          ____      _ _____   __              
#       _________  / /__       / __/___ _(_) /__ \ / /_  ____ _____ 
#      / ___/ __ \/ / _ \     / /_/ __ `/ / /__/ // __ \/ __ `/ __ \
#     / /  / /_/ / /  __/    / __/ /_/ / / // __// /_/ / /_/ / / / /
#    /_/   \____/_/\___(_)  /_/  \__,_/_/_//____/_.___/\__,_/_/ /_/ 
#
# =========================================================================== #

---
# Make sure the fail2ban package is installed through the host's package
# manager; state "present" installs it when it is missing.
- name: Check installation of fail2ban
  package:
    state: present
    name: fail2ban

# Record whether a jail.local is already on the host. The backup task reads
# the result through stat_result.stat.exists.
- name: Check existence of fail2ban config file -- jail.local
  register: stat_result
  stat:
    path: /etc/fail2ban/jail.local

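# Keep a copy of the jail.local currently on the host before it is replaced.
# The copy module with remote_src copies on the host without spawning a shell
# and reports "changed" only when the backup content actually differs.
# mode: preserve keeps the permissions of the existing file, so the backup is
# not more widely readable than the original.
# NOTE(review): the backup is overwritten on every run. Once this role has
# deployed its own jail.local, later runs back up that deployed file and the
# original host configuration is no longer kept.
- name: Backing up ancient fail2ban config file -- jail.local.backup
  copy:
    src: /etc/fail2ban/jail.local
    dest: /etc/fail2ban/jail.local.backup
    remote_src: true
    mode: preserve
  when: stat_result.stat.exists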

# Deploy the role's jail.local into /etc/fail2ban/, replacing any file of that
# name already there. Root-owned and not writable by other users, so only root
# can change the ban policy.
- name: Copy fail2ban :: jail.local
  copy:
    dest: /etc/fail2ban/
    src: jail.local
    mode: "0644"
    group: root
    owner: root

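# NOTE(review): this task is named for path-defaults.conf but its src is
# jail.local, so it only repeats the jail.local copy. Confirm which file was
# meant and point src at it; until then path-defaults.conf is never deployed.
# The original listed this task twice, byte for byte; the duplicate had no
# additional effect and is dropped here.
- name: Copy fail2ban  :: path-defaults.conf
  copy:
    src: jail.local
    dest: /etc/fail2ban/
    owner: root
    group: root
    mode: "0644"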

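# Deploy the sshd jail definition into the jail.d drop-in directory.
# dest names the target file explicitly: with a bare "/etc/fail2ban/jail.d"
# and no jail.d directory on the host, copy would create a regular file
# called jail.d instead of placing the jail inside the directory.
- name: Copy fail2ban :: jail-sshd.conf
  copy:
    src: jail-sshd.conf
    dest: /etc/fail2ban/jail.d/jail-sshd.conf
    owner: root
    group: root
    mode: "0644"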

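# Deploy the lighttpd jail definition, only on hosts in the "server-web"
# inventory group.
# dest names the target file explicitly so a missing jail.d directory cannot
# turn into a regular file called jail.d.
# default([]) keeps the condition false, instead of failing the play, when the
# inventory defines no "server-web" group at all.
- name: Copy fail2ban :: jail-lighttpd.conf
  copy:
    src: jail-lighttpd.conf
    dest: /etc/fail2ban/jail.d/jail-lighttpd.conf
    owner: root
    group: root
    mode: "0644"
  when: 'inventory_hostname in (groups["server-web"] | default([]))'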


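# Enable fail2ban at boot and restart it so the deployed jails are loaded.
# NOTE(review): the restart runs on every play, whether or not a config file
# changed. A handler notified by the copy tasks would restart only when
# needed.
# NOTE(review): if a deployed jail file is invalid the restart can fail and
# leave the service stopped. Consider a configuration test step first
# (`fail2ban-client -t` on releases that support it -- confirm for the target
# hosts).
- name: Restart fail2ban service
  systemd:
    name: fail2ban
    enabled: true
    state: restarted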