ajout du firewall et fail2ban

2020-04-03 20:51:16 +02:00
parent bf81a41063
commit 48d28ea317
10 changed files with 201 additions and 83 deletions
@@ -0,0 +1,32 @@
+---
+- name: Installation de fail2ban
+  apt:
+    name: fail2ban
+
+- name: Appliquation des règles de ban
+  template:
+    src: ../files/jail.conf
+    dest: /etc/fail2ban/jail.d/jail.conf
+  notify:
+    - restart fail2ban
+
+- name: Création du répertoire pour la surcharge systemd
+  file:
+    name: /etc/systemd/system/fail2ban.service.d
+    state: directory
+
+- name: Règle de base pour nftables
+  template:
+    src: ../files/service-override.conf
+    dest: /etc/systemd/system/fail2ban.service.d/override.conf
+  notify:
+    - restart fail2ban
+
+- name: Déploiement des règles nftables (base)
+  tags:
+    - nftables
+  template:
+    src: ../files/nftables.conf
+    dest: /etc/nftables.conf
+  notify:
+    - reload nftables