Ansible role to install fail2ban with basic configuration to get up and running.
The vars/main.yml
file should contain your list of packages you want to install in order to override defaults found in defaults/main.yml
. Additionally, you can overwrite the variables as part of your playbook.
ips_to_whitelist:
- 1.2.3.4/32
- 4.5.6.0/24
By default from version 0.8.1 fail2ban started using sendmail as the notification sending. If you want to use mail
from mailutils
, set notification_sending: mail
in your playbook.yml
file.
Set ssh_ddos: true
in your playbook.yml
file.
Ansible checks for existance of /var/log/nginx/error.log
to determine if this rule can be enabled.
Set nginx_http_auth: true
in your playbook.yml
file.
Note: Some packages will already be in place with default Ubuntu install but there is no harm in making sure.
If you run into errors, uncomment the - debug: msg="{{ ... }}"
statements.