31 lines
566 B
YAML
31 lines
566 B
YAML
- name: Install fail2ban & ufw.
|
|
apt:
|
|
name:
|
|
- fail2ban
|
|
- ufw
|
|
state: present
|
|
|
|
# TODO add proper fail2ban config
|
|
|
|
- name: Ensure fail2ban is started & enabled.
|
|
service:
|
|
name: fail2ban
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Ensure ufw is started & enabled.
|
|
service:
|
|
name: fail2ban
|
|
state: started
|
|
enabled: true
|
|
|
|
- name: Allow SSH connections.
|
|
community.general.ufw:
|
|
rule: allow
|
|
port: 2222
|
|
|
|
- name: Block everything else by default & enable firewall.
|
|
community.general.ufw:
|
|
default: deny
|
|
state: enabled
|