klips/ansible/roles/fail2ban/README.md

Fail2ban
=========

An ansible role for installing fail2ban with basic configuration options

Role Variables
--------------

`packages: [fail2ban]`
* A list of packages to install on the server

`ssh_port: 22`
 * The port SSH where is running on the remote server

`relay_host: "[sub.domain.com]:777"`
`sender_email: "senderemail@domain.com"`
 * The relay to route mail through, and a corresponding email to send as

`email: "email@domain.com"`
 * The email address to send alerts to when an IP is banned or jailed

`nginx_botsearch: "true"`
`nginx_http_auth: "true"`
`nginx_nobinary: "true"`
`nginx_nohome: "true"`
`nginx_noproxy: "true"`
`nginx_wplogin: "true"`
`nginx_noscan: "true"`
`nginx_noenv: "true"`
`nginx_noscript: "true"`
`sshd: "true"`
`sshd_badproto: "true"`
* Each of these variables are an existing fail2ban filter with a corresponding
bool to enable or disable them.


Dependencies
------------

Requires that postfix is configured to send email alerts
on behalf of the `sender_email` address.

Example Playbook
----------------

First, make sure all settings within `defaults/main.yml` are correct for your
server. All settings and their purposes are outline in the section above.

Create a new ansible play. You can name it whatever you want, but this
example play will simply be named `fail2ban.yml`.

```yml
---
- hosts: testserver
  become: yes
  roles:
  - fail2ban
```

Make sure the IP for `testserver` is correct in the `/etc/ansible/hosts` file -
```
[testserver]
123.123.123.123:22
```

Run the play!

```bash
ansible-playbook fail2ban.yml
```

License
-------

BSD

Author Information
------------------

Contact: shaunrd0@gmail.com  | URL: www.shaunreed.com | GitHub: shaunrd0
Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			`Fail2ban`
Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00			`=========`

Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			`An ansible role for installing fail2ban with basic configuration options`
Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00
			`Role Variables`
			`--------------`

Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			`packages: [fail2ban]`
			`* A list of packages to install on the server`

			`ssh_port: 22`
			`* The port SSH where is running on the remote server`

			`relay_host: "[sub.domain.com]:777"`
			`sender_email: "senderemail@domain.com"`
			`* The relay to route mail through, and a corresponding email to send as`

			`email: "email@domain.com"`
			`* The email address to send alerts to when an IP is banned or jailed`

			`nginx_botsearch: "true"`
			`nginx_http_auth: "true"`
			`nginx_nobinary: "true"`
			`nginx_nohome: "true"`
			`nginx_noproxy: "true"`
			`nginx_wplogin: "true"`
			`nginx_noscan: "true"`
			`nginx_noenv: "true"`
			`nginx_noscript: "true"`
			`sshd: "true"`
			`sshd_badproto: "true"`
			`* Each of these variables are an existing fail2ban filter with a corresponding`
			`bool to enable or disable them.`

Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00
			`Dependencies`
			`------------`

Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			`Requires that postfix is configured to send email alerts`
			on behalf of the `sender_email` address.
Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00
			`Example Playbook`
			`----------------`

Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			First, make sure all settings within `defaults/main.yml` are correct for your
			`server. All settings and their purposes are outline in the section above.`

			`Create a new ansible play. You can name it whatever you want, but this`
			example play will simply be named `fail2ban.yml`.

			```yml
			`---`
			`- hosts: testserver`
			`become: yes`
			`roles:`
			`- fail2ban`
			```

			Make sure the IP for `testserver` is correct in the `/etc/ansible/hosts` file -
			```
			`[testserver]`
			`123.123.123.123:22`
			```

			`Run the play!`
Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00
Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			```bash
			`ansible-playbook fail2ban.yml`
			```
Add fail2ban role for ansible 2020-04-19 23:30:19 +00:00
			`License`
			`-------`

			`BSD`

			`Author Information`
			`------------------`

Add README for fail2ban + Remove redundant playbooks 2021-05-21 18:09:34 +00:00			`Contact: shaunrd0@gmail.com \| URL: www.shaunreed.com \| GitHub: shaunrd0`