{"id":21605998,"url":"https://github.com/archf/ansible-fail2ban","last_synced_at":"2026-05-12T23:35:49.177Z","repository":{"id":54938421,"uuid":"42329855","full_name":"archf/ansible-fail2ban","owner":"archf","description":"Ansible role to install and configure fail2ban on a host","archived":false,"fork":false,"pushed_at":"2021-01-20T12:44:07.000Z","size":17,"stargazers_count":0,"open_issues_count":2,"forks_count":4,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-03-18T14:49:06.084Z","etag":null,"topics":["ansible","fail2ban"],"latest_commit_sha":null,"homepage":null,"language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/archf.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-09-11T20:09:24.000Z","updated_at":"2016-12-20T02:49:01.000Z","dependencies_parsed_at":"2022-08-14T07:01:11.709Z","dependency_job_id":null,"html_url":"https://github.com/archf/ansible-fail2ban","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/archf/ansible-fail2ban","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archf%2Fansible-fail2ban","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archf%2Fansible-fail2ban/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archf%2Fansible-fail2ban/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archf%2Fansible-fail2ban/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/archf","download_url":"https://codeload.github.com/archf/ansible-fail2ban/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/archf%2Fansible-fail2ban/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":271749002,"owners_count":24814102,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-23T02:00:09.327Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","fail2ban"],"created_at":"2024-11-24T20:18:30.297Z","updated_at":"2026-05-12T23:35:49.149Z","avatar_url":"https://github.com/archf.png","language":"Ruby","funding_links":[],"categories":[],"sub_categories":[],"readme":"# ansible-fail2ban\n\nA role to install and configure fail2ban on a target host.\n\n## Requirements\n\n### Ansible version\n\nMinimum required ansible version is 2.0.\n\n\n## Role Variables\n\n### Variables conditionally loaded\n\nAdd jails with custom filters.\n\n\nExample below bans IP if too many requests give a 403 using a custom filter and custom ban action\n\n```yaml\n- role: fail2ban\n  fail2ban_jails:\n      - name: kinto_auth  # nginx 403 for kinto fails\n        enabled: 'true'\n        filter: kinto-auth\n        action: nginx-blacklist\n        logpath: /var/log/nginx/kinto_nginx_access.log\n  fail2ban_filters: # custom filters\n      - name: kinto-auth\n        failregex: '\u003cHOST\u003e - .* \\[.*\\] \".*\" 403 \\d+ \".*\" \".*\" \".*\"'\n  fail2ban_actions: # Custom actions, all keys optionnal\n      - name: nginx-blacklist\n        actionstart:\n            - echo \"\" \u003e /etc/nginx/ip_blacklist.conf # Unban all before starting\n            - touch /var/run/fail2ban/fail2ban.dummy\n            - printf %%b \"\u003cinit\u003e\\n\" \u003e\u003e /var/run/fail2ban/fail2ban.dummy\n        actionstop:\n            - echo \"\" \u003e /etc/nginx/ip_blacklist.conf # Unban all before stopping\n            - systemctl reload openresty\n            - rm -f /var/run/fail2ban/fail2ban.dummy\n        actioncheck:\n            - echo \"ok\"\n        actionban:\n            - echo \"\u003cip\u003e 0;\" \u003e\u003e /etc/nginx/ip_blacklist.conf\n            - systemctl reload openresty\n        actionunban:\n            - sed -i \"/$(echo \"\u003cip\u003e\" | sed 's/\\./\\\\\\./g') 0;/d\" /etc/nginx/ip_blacklist.conf\n            - systemctl reload openresty\n        init:\n            init: \"something\"\n\n```\n\n### Default vars\n\nDefaults from `defaults/main.yml`.\n\n```yaml\n# defaults file for fail2ban\n\n# service\nfail2ban_svc_state: started\nfail2ban_svc_enabled: yes\n\nfail2ban_pkg_state: latest\nfail2ban_use_firewalld: no\n\n# defaults\nfail2ban_jail_default:\n  bantime: 600\n  maxretry: 3\n  banaction: iptables-multiport\n\n# fail2ban_sshd\nfail2ban_jails:\n  - name: sshd\n    enabled: 'true'\n    maxretry: '5'\n\n```\n\n\n## Installation\n\n### Install with Ansible Galaxy\n\n```shell\nansible-galaxy install archf.fail2ban\n```\n\nBasic usage is:\n\n```yaml\n- hosts: all\n  roles:\n    - role: archf.fail2ban\n```\n\n### Install with git\n\nIf you do not want a global installation, clone it into your `roles_path`.\n\n```shell\ngit clone git@github.com:archf/ansible-fail2ban.git /path/to/roles_path\n```\n\nBut I often add it as a submdule in a given `playbook_dir` repository.\n\n```shell\ngit submodule add git@github.com:archf/ansible-fail2ban.git \u003cplaybook_dir\u003e/roles/fail2ban\n```\n\nAs the role is not managed by Ansible Galaxy, you do not have to specify the\ngithub user account.\n\nBasic usage is:\n\n```yaml\n- hosts: all\n  roles:\n  - role: fail2ban\n```\n\n## Ansible role dependencies\n\nNone.\n\n## License\n\nMIT.\n\n## Author Information\n\nFelix Archambault.\n\n## Role stack\n\nThis role was carefully selected to be part an ultimate deck of roles to manage\nyour infrastructure.\n\nAll roles' documentation is wrapped in this [convenient guide](http://127.0.0.1:8000/).\n\n\n---\nThis README was generated using ansidoc. This tool is available on pypi!\n\n```shell\npip3 install ansidoc\n\n# validate by running a dry-run (will output result to stdout)\nansidoc --dry-run \u003crolepath\u003e\n\n# generate you role readme file\nansidoc \u003crolepath\u003e\n```\n\nYou can even use it programatically from sphinx. Check it out.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farchf%2Fansible-fail2ban","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farchf%2Fansible-fail2ban","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farchf%2Fansible-fail2ban/lists"}