diff options
Diffstat (limited to 'roles/common/templates/etc/fail2ban/jail.local.j2')
| -rw-r--r-- | roles/common/templates/etc/fail2ban/jail.local.j2 | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/roles/common/templates/etc/fail2ban/jail.local.j2 b/roles/common/templates/etc/fail2ban/jail.local.j2 index b01709a..3cd19cc 100644 --- a/roles/common/templates/etc/fail2ban/jail.local.j2 +++ b/roles/common/templates/etc/fail2ban/jail.local.j2 @@ -1,36 +1,38 @@ # {{ ansible_managed }} # Do NOT edit this file directly! [DEFAULT] # Destination email address used solely for the interpolations in # jail.{conf,local} configuration files. destemail = admin@fripost.org # "ignoreip" can be a list of IP addresses, CIDR masks or DNS hosts. Fail2ban # will not ban a host which matches an address in this list. Several addresses # can be defined using space (and/or comma) separator. ignoreip = 127.0.0.0/8, ::1, {{ ipsec_subnet }} banaction = nftables-allports -logpath = /var/log/fail2ban/fail2ban.log + +# must match nftables.conf's blackholes timeouts +bantime = 10m # # JAILS # [sshd] enabled = true [postfix] enabled = {{ 'MX' in group_names }} [dovecot] enabled = {{ 'IMAP' in group_names }} [postfix-sasl] enabled = {{ 'MSA' in group_names }} [roundcube-auth] enabled = {{ 'webmail' in group_names }} logpath = /var/log/roundcube/errors.log |