mmckinnon/homelab
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

chore: turn off fail2ban
All checks were successful
Deploy / Prepare Build (push) Successful in 33s
Details

Browse Source
This commit is contained in:
Matthew McKinnon
2025-09-22 20:15:24 +10:00
parent c9703e6d0b
commit 527bc8d4dc
1 changed files with 29 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
main.yml
View File

@ -23,35 +23,35 @@
- role: geerlingguy.docker - role: geerlingguy.docker
docker_users: docker_users:
- administrator - administrator
- role: grzegorzfranus.fail2ban # - role: grzegorzfranus.fail2ban
vars: # vars:
fail2ban_ignoreip: # fail2ban_ignoreip:
- 127.0.0.1/8 # loopback # - 127.0.0.1/8 # loopback
- 10.0.0.0/8 # Private # - 10.0.0.0/8 # Private
- 172.16.0.0/12 # Private # - 172.16.0.0/12 # Private
- 192.168.0.0/16 # Private # - 192.168.0.0/16 # Private
- 169.254.0.0/16 # link-local / APIPA # - 169.254.0.0/16 # link-local / APIPA
- 100.64.0.0/10 # CGNAT # - 100.64.0.0/10 # CGNAT
- 203.0.113.0/24 # TEST-NETs # - 203.0.113.0/24 # TEST-NETs
- 192.0.2.0/24 # TEST-NETs # - 192.0.2.0/24 # TEST-NETs
- 198.51.100.0/24 # TEST-NETs # - 198.51.100.0/24 # TEST-NETs
- ::1 # ULA - fc00::/7 # Private # - ::1 # ULA - fc00::/7 # Private
- fe80::/10 # Private # - fe80::/10 # Private
fail2ban_bantime: "1h" # fail2ban_bantime: "1h"
fail2ban_findtime: "30m" # fail2ban_findtime: "30m"
fail2ban_maxretry: 3 # fail2ban_maxretry: 3
fail2ban_custom_jail_files: # fail2ban_custom_jail_files:
- name: sshd-strict # This will create /etc/fail2ban/jail.d/sshd-strict.conf # - name: sshd-strict # This will create /etc/fail2ban/jail.d/sshd-strict.conf
content: | # content: |
[sshd-strict] # [sshd-strict]
enabled = true # enabled = true
filter = sshd # filter = sshd
port = ssh # port = ssh
logpath = journal # logpath = journal
backend = systemd # backend = systemd
maxretry = 3 # maxretry = 3
bantime = 3600 # bantime = 3600
findtime = 300 # findtime = 300
tags: base_install tags: base_install