diff options
Diffstat (limited to 'roles/common/tasks/fail2ban.yml')
-rw-r--r-- | roles/common/tasks/fail2ban.yml | 20 |
1 files changed, 2 insertions, 18 deletions
diff --git a/roles/common/tasks/fail2ban.yml b/roles/common/tasks/fail2ban.yml index 89427ea..563075f 100644 --- a/roles/common/tasks/fail2ban.yml +++ b/roles/common/tasks/fail2ban.yml @@ -1,22 +1,6 @@ - name: Install fail2ban apt: pkg=fail2ban -# Log into a dedicate directory so we can use ReadWriteDirectories in -# the .service file -- name: Create directory /var/log/fail2ban - file: path=/var/log/fail2ban - state=directory - owner=root group=adm - mode=0750 - -- name: Fix fail2ban logrotate snippet - lineinfile: dest=/etc/logrotate.d/fail2ban - state=present - line="/var/log/fail2ban/*.log" - insertbefore="^[^#]*\\s{$" - tags: - - logrotate - - name: Configure fail2ban (fail2ban.local) copy: src=etc/fail2ban/fail2ban.local dest=/etc/fail2ban/fail2ban.local @@ -53,11 +37,11 @@ notify: - Restart fail2ban -- name: Create directory /etc/systemd/system/fail2ban.service.d/override.conf +- name: Create directory /etc/systemd/system/fail2ban.service.d file: path=/etc/systemd/system/fail2ban.service.d state=directory owner=root group=root - mode=0750 + mode=0755 - name: Harden fail2ban.service copy: src=etc/systemd/system/fail2ban.service.d/override.conf |