WIP: Various cleanups #83

Draft
jeltz wants to merge 9 commits from cleanup_no_ldap_for_servers into master
2 changed files with 0 additions and 43 deletions
Showing only changes of commit ccb1f90c79 - Show all commits

View file

@ -1,5 +0,0 @@
---
- name: Restart sshd service
service:
name: sshd
state: restarted

View file

@ -24,44 +24,6 @@
- /bin/umount # Only root should umount - /bin/umount # Only root should umount
ignore_errors: true # Sometimes file won't exist ignore_errors: true # Sometimes file won't exist
- name: Install fail2ban
apt:
name: fail2ban
state: present
register: apt_result
retries: 3
until: apt_result is succeeded
- name: Configure fail2ban
ini_file:
path: /etc/fail2ban/jail.d/local.conf
section: "{{ item.section }}"
option: "{{ item.option }}"
value: "{{ item.value }}"
state: present
mode: 0644
notify: Restart fail2ban service
loop:
- section: sshd
option: ignoreip
value: 10.128.0.254 # Whitelist bastion
- section: sshd
option: enabled
value: "true"
- section: sshd
option: bantime
value: 600
- section: sshd
option: findtime
value: 600
- section: sshd
option: maxretry
value: 5
# See altered packages and configurations with `debsums -ca` # See altered packages and configurations with `debsums -ca`
- name: Install debsums - name: Install debsums
apt: apt: