22 lines
452 B
YAML
22 lines
452 B
YAML
---
|
|
- name: Install fail2ban
|
|
apt:
|
|
name: fail2ban
|
|
state: present
|
|
|
|
- name: Enable fail2ban for SSH
|
|
template:
|
|
src: jail.local.j2
|
|
# jail.local overrides jail.conf but does not replace
|
|
# we can just put our little SSH conf (port and log file) inside
|
|
dest: /etc/fail2ban/jail.local
|
|
owner: root
|
|
group: root
|
|
mode: 0644
|
|
notify: Restarts fail2ban
|
|
|
|
- name: Enable fail2ban
|
|
service:
|
|
name: fail2ban
|
|
enabled: true
|