ansible/roles/fail2ban/tasks/main.yml

---
- name: Install fail2ban
  apt:
    name: fail2ban
    state: present

- name: Enable fail2ban for SSH
  template:
    src: jail.local.j2
    # jail.local overrides jail.conf but does not replace
    # we can just put our little SSH conf (port and log file) inside
    dest: /etc/fail2ban/jail.local
    owner: root
    group: root
    mode: 0644
  notify: Restarts fail2ban

- name: Enable fail2ban
  service:
    name: fail2ban
    enabled: true
Functional base playbook 2021-02-12 22:13:37 +01:00			`---`
			`- name: Install fail2ban`
			`apt:`
			`name: fail2ban`
			`state: present`

			`- name: Enable fail2ban for SSH`
			`template:`
			`src: jail.local.j2`
			`# jail.local overrides jail.conf but does not replace`
			`# we can just put our little SSH conf (port and log file) inside`
			`dest: /etc/fail2ban/jail.local`
			`owner: root`
			`group: root`
			`mode: 0644`
			`notify: Restarts fail2ban`

			`- name: Enable fail2ban`
			`service:`
			`name: fail2ban`
			`enabled: true`