ansible-role-gitea/tasks/fail2ban.yml

27 lines
735 B
YAML
Raw Permalink Normal View History

---
2019-03-09 14:38:48 -06:00
- name: Install fail2ban filter
Upgrade/ansible version 2.10 (#84) * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config * added configuration describtion for lfs vars * added new vars for notifications * added describtion for new vars for mail notis * added gitea_lfs_secret describtion to README * remove whitespaces and lines * upgraded minimum ansible version to 2.10 * refactored coansible to use minimum version 2.10 * Cleanup template (#85) improve template and create loglevel variable * update requirements for molecule (#78) * start upgrading requirements * add some more updated requirements * add another junk * add another junk * update ansible version * modify backup on upgrade (#81) * create backup direcotry create a backup folder and move the gitea backup to backup.yml * make the backup on update optional Documentation and introduction of the variable `gitea_backup_on_upgrade: false` * change become_method to sudo change become_method to sudo as suggested by @wzzrd. removed become_flags. * Full path to gitea binary in backup task. thanks to @wzzrd * update gitea to 1.13.4 (#86) The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4). The current master of this role is not able to do a version update properly. PLEASE first merge https://github.com/thomas-maurice/ansible-role-gitea/pull/81 * Bump pyyaml from 5.3.1 to 5.4 (#89) Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES) - [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * bump gitea version (#87) fixes security issues https://github.com/go-gitea/gitea/releases/tag/v1.13.6 * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config added configuration describtion for lfs vars added new vars for notifications added describtion for new vars for mail notis added gitea_lfs_secret describtion to README remove whitespaces and lines upgraded minimum ansible version to 2.10 refactored coansible to use minimum version 2.10 Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Timmerman <jens.timmerman@gmail.com>
2021-04-10 12:07:02 -05:00
ansible.builtin.template:
src: fail2ban/filter.conf.j2
dest: /etc/fail2ban/filter.d/gitea.conf
owner: root
group: root
mode: 0444
notify: Restart fail2ban
when: "'fail2ban' in ansible_facts.packages"
2019-03-09 14:38:48 -06:00
- name: Install fail2ban jail
Upgrade/ansible version 2.10 (#84) * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config * added configuration describtion for lfs vars * added new vars for notifications * added describtion for new vars for mail notis * added gitea_lfs_secret describtion to README * remove whitespaces and lines * upgraded minimum ansible version to 2.10 * refactored coansible to use minimum version 2.10 * Cleanup template (#85) improve template and create loglevel variable * update requirements for molecule (#78) * start upgrading requirements * add some more updated requirements * add another junk * add another junk * update ansible version * modify backup on upgrade (#81) * create backup direcotry create a backup folder and move the gitea backup to backup.yml * make the backup on update optional Documentation and introduction of the variable `gitea_backup_on_upgrade: false` * change become_method to sudo change become_method to sudo as suggested by @wzzrd. removed become_flags. * Full path to gitea binary in backup task. thanks to @wzzrd * update gitea to 1.13.4 (#86) The current release of gitea is [v1.13.4](https://github.com/go-gitea/gitea/releases/tag/v1.13.4). The current master of this role is not able to do a version update properly. PLEASE first merge https://github.com/thomas-maurice/ansible-role-gitea/pull/81 * Bump pyyaml from 5.3.1 to 5.4 (#89) Bumps [pyyaml](https://github.com/yaml/pyyaml) from 5.3.1 to 5.4. - [Release notes](https://github.com/yaml/pyyaml/releases) - [Changelog](https://github.com/yaml/pyyaml/blob/master/CHANGES) - [Commits](https://github.com/yaml/pyyaml/compare/5.3.1...5.4) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * bump gitea version (#87) fixes security issues https://github.com/go-gitea/gitea/releases/tag/v1.13.6 * added new vars for lfs remote usage git lfs can be hosted elsewhere and therefore need some config added configuration describtion for lfs vars added new vars for notifications added describtion for new vars for mail notis added gitea_lfs_secret describtion to README remove whitespaces and lines upgraded minimum ansible version to 2.10 refactored coansible to use minimum version 2.10 Co-authored-by: L3D <l3d@c3woc.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Timmerman <jens.timmerman@gmail.com>
2021-04-10 12:07:02 -05:00
ansible.builtin.template:
src: fail2ban/jail.conf.j2
dest: /etc/fail2ban/jail.d/gitea.conf
owner: root
group: root
mode: 0444
notify: Restart fail2ban
when: "'fail2ban' in ansible_facts.packages"
- name: warn if fail2ban is not installed
ansible.builtin.fail:
msg: "the package fail2ban is not installed. no fail2ban filters deployed."
when: "'fail2ban' not in ansible_facts.packages"
ignore_errors: true