Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/petemcw/ansible-role-fail2ban

Ansible role for Fail2ban
https://github.com/petemcw/ansible-role-fail2ban

ansible ansible-role fail2ban

Last synced: about 2 months ago
JSON representation

Ansible role for Fail2ban

Host: GitHub
URL: https://github.com/petemcw/ansible-role-fail2ban
Owner: petemcw
License: mit
Created: 2014-02-21T22:42:04.000Z (almost 11 years ago)
Default Branch: master
Last Pushed: 2014-10-20T20:00:08.000Z (over 10 years ago)
Last Synced: 2024-11-08T01:12:14.878Z (3 months ago)
Topics: ansible, ansible-role, fail2ban
Size: 129 KB
Stars: 1
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Fail2ban Role for Ansible

This role installs [fail2ban](http://www.fail2ban.org/) which is a service that
scans log files (e.g. /var/log/apache/error_log) and bans IPs that show malicious
signs.

## Requirements

This role requires [Ansible](http://www.ansibleworks.com/) version 1.4 or higher
and the Debian/Ubuntu platform.

## Role Variables

The variables that can be passed to this role and a brief description about
them are as follows (additional variables are available in the source):

```yaml
# The default list of machines that are white-listed
fail2ban_ignoreip:
- 127.0.0.1/8

# The default duration (in seconds) an IP will be banned
fail2ban_bantime: 86400

# The default number of matches that trigger a ban action on the IP
fail2ban_maxretry: 3

# The default banning action
fail2ban_banaction: 'iptables-multiport'

# The default action executed on ban: ban and send email with whois report
fail2ban_action: '%(action_mwl)s'

# The default recipient of email reports
fail2ban_destemail: 'root@localhost'

# The default port for monitoring SSH service
fail2ban_sshport: 22
```

## Examples

1. Install fail2ban with default settings

```yaml
---
# This playbook installs fail2ban

- name: Apply fail2ban to all nodes
hosts: all
roles:
- fail2ban
```

2. Install with custom settings

```yaml
---
# This playbook installs fail2ban

- name: Apply fail2ban to all nodes
hosts: all
roles:
- { role: fail2ban,
fail2ban_bantime: 600,
fail2ban_sshport: 2222
}
```

## Dependencies

None.

## License

MIT.