diff options
Diffstat (limited to 'ansible/roles/fail2ban/tasks/main.yml')
-rw-r--r-- | ansible/roles/fail2ban/tasks/main.yml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/ansible/roles/fail2ban/tasks/main.yml b/ansible/roles/fail2ban/tasks/main.yml new file mode 100644 index 0000000..6d8e237 --- /dev/null +++ b/ansible/roles/fail2ban/tasks/main.yml | |||
@@ -0,0 +1,28 @@ | |||
1 | --- | ||
2 | # dovecot is configured to respect the fail2ban deny decisions | ||
3 | # A failed login is recorded as: | ||
4 | # dovecot[<pid>]: imap-login: access(tcpwrap): Client refused (rip=<ip>) | ||
5 | - name: install fail2ban | ||
6 | apt: | ||
7 | name: fail2ban | ||
8 | state: latest | ||
9 | install_recommends: false | ||
10 | |||
11 | - name: copy fail2ban config | ||
12 | copy: | ||
13 | src: fail2ban/ | ||
14 | dest: /etc/fail2ban/ | ||
15 | mode: preserve | ||
16 | notify: | ||
17 | - restart fail2ban | ||
18 | |||
19 | |||
20 | # verify everything is running | ||
21 | - name: verify services are running in dependency order | ||
22 | service: | ||
23 | name: "{{ item }}" | ||
24 | enabled: yes | ||
25 | state: started | ||
26 | loop: | ||
27 | - fail2ban | ||
28 | |||