Refactor: Organize Ansible project structure
- Reorganized Ansible project structure to follow best practices. - Created dedicated directories: , , , , and . - Categorized playbooks into (host-specific) and (service-specific). - Moved all roles into the directory and standardized their naming conventions. - Relocated to for better variable management. - Renamed to to reflect its global variable scope. - Created to correctly set the to the new directory. - Moved and into the directory. - Added to providing explanations for common commands. - Cleaned up directories from all individual roles to centralize version control.
This commit is contained in:
warezjoe
29
roles/security/tasks/fail2ban.yml
Normal file
29
roles/security/tasks/fail2ban.yml
Normal file
@@ -0,0 +1,29 @@
|
||||
---
|
||||
- name: Install fail2ban (RedHat).
|
||||
package:
|
||||
name: fail2ban
|
||||
state: present
|
||||
enablerepo: epel
|
||||
when: ansible_os_family == 'RedHat'
|
||||
|
||||
- name: Install fail2ban (Debian).
|
||||
package:
|
||||
name: fail2ban
|
||||
state: present
|
||||
when: ansible_os_family == 'Debian'
|
||||
|
||||
- name: Copy fail2ban custom configuration file into place.
|
||||
template:
|
||||
src: "{{ security_fail2ban_custom_configuration_template }}"
|
||||
dest: /etc/fail2ban/jail.local
|
||||
owner: root
|
||||
group: root
|
||||
mode: 0644
|
||||
notify:
|
||||
- reload fail2ban
|
||||
|
||||
- name: Ensure fail2ban is running and enabled on boot.
|
||||
service:
|
||||
name: fail2ban
|
||||
state: started
|
||||
enabled: true
|
||||
Reference in New Issue
Block a user