48 lines
1.2 KiB
YAML
48 lines
1.2 KiB
YAML
- name: system setup | openssh | install or update daemon package
|
|
tags: openssh,ssh,system,settings
|
|
package:
|
|
name: "{{ openssh_package }}"
|
|
state: latest
|
|
notify: restart_sshd
|
|
|
|
- name: system setup | openssh | enable daemon
|
|
tags: openssh,ssh,system,settings
|
|
service:
|
|
name: "{{ openssh_service }}"
|
|
enabled: yes
|
|
state: started
|
|
|
|
- name: system setup | openssh | generate sshd_config file from template
|
|
tags: openssh,ssh,system,settings
|
|
copy:
|
|
src: system_setup/sshd_custom.conf
|
|
dest: /etc/ssh/sshd_config.d/custom.conf
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify: restart_sshd
|
|
|
|
- name: system setup | openssh | install fail2ban
|
|
tags: fail2ban,ssh,system,settings
|
|
package:
|
|
name: fail2ban
|
|
state: latest
|
|
notify: restart_fail2ban
|
|
|
|
-name: system setup | openssh | enable fail2ban
|
|
tags: fail2ban,ssh,system,settings
|
|
service:
|
|
name: fail2ban
|
|
enabled: yes
|
|
notify: restart_fail2ban
|
|
|
|
-name: system setup | openssh | copy local jail for fail2ban
|
|
tags: fail2ban,ssh,system,settings
|
|
copy:
|
|
src: system_setup/jail.local
|
|
dest: /etc/fail2ban/jail.local
|
|
owner: root
|
|
group: root
|
|
mode: '0644'
|
|
notify: restart_fail2ban
|