pimvh.fail2ban

Panoramica Versioni Approfondimenti

Molecule test

Requirements

  1. Install Ansible:
sudo apt install python3
python3 -m ensurepip --upgrade
pip3 install ansible

Required Variables

Set the variables as shown in the defaults.

Currently, the available fail2ban jails are:

  • sshd
  • nginx
  • postfix

Example Playbook

hosts:
  - foo
roles:
  - ansible-fail2ban

Quick Summary - What Happens When You Run This

  • It installs fail2ban.
  • It copies fail2ban configuration templates to the host based on the jail settings.
  • It reloads the fail2ban configuration.

Note: This sets up fail2ban to work with nftables (not iptables).

Future Improvements

  • Enable support for non-authoritative zones and key directives.
  • Make default variable settings better (check defaults in defaults/main.yaml).
  • Let you pass TTL in records.
  • Add automated Key Signing Key (KSK) rollover to the dnssecpls script.
  • Allow multiple dnssecpls scripts with different variables for ZSK rollover or other settings as defined in nsd_zone_attributes.
  • Only update the serial number when necessary, rather than every time the role runs.
Informazioni sul progetto

role to configure fail2ban using nftables, and optionally you can pass an abuseipdb API key.

role fail2ban nftables abuseipdb
Installa
ansible-galaxy install pimvh.fail2ban
GitHub repository
0 stelle
0 fork
0 problemi aperti
Licenza
gpl-3.0
Download
95
Proprietario