Skip to content
Snippets Groups Projects
Verified Commit 17e8ab15 authored by Evangelos Foutras's avatar Evangelos Foutras :smiley_cat:
Browse files

fail2ban: remove redundant fail2ban_jails overrides

group_vars/all was enabling just the sshd jail so move this into the
fail2ban role defaults. patchwork, security and wiki were redefining
fail2ban_jails without deviating from the group_vars/all default and
can therefore be dropped.
parent d7139019
No related branches found
No related tags found
No related merge requests found
Pipeline #32352 passed
......@@ -11,9 +11,3 @@ maintenance_remote_machine: "{{ hostvars[inventory_hostname]['ansible_env'].SSH_
# prometheus-node-exporter port
prometheus_exporter_port: '9100'
prometheus_memcached_exporter_port: '9150'
fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
......@@ -2,12 +2,5 @@ filesystem: btrfs
memcached_socket: "/run/memcached/patchwork.sock"
fetchmail_user: "patchwork@archlinux.org"
fetchmail_delivery_cmd: "/usr/local/bin/patchwork-parsemail-wrapper.sh"
fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
wireguard_address: 10.0.0.23
wireguard_public_key: DVeDuKQKf4FzfgS8hp3iZj1tD7gi3SJm8GqDfA+XZn4=
filesystem: btrfs
fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
wireguard_address: 10.0.0.24
wireguard_public_key: CENgItOHJI/lLUNcUNpC+1oZJBvX/G+nemAKZYfCSCw=
filesystem: btrfs
memcached_socket: "/run/memcached/archwiki.sock"
fail2ban_jails:
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
wireguard_address: 10.0.0.22
wireguard_public_key: bZeNWMLtyNDaFR7jjWr06nNZt/vV/OKNleV7XZZs+lc=
# by default all jails are disabled
# override this variable in a host/group file to define which jails to enable
# by default only the sshd jail is enabled
# override this variable in a host/group file to enable additional jails
fail2ban_jails:
sshd: false
sshd: true
postfix: false
dovecot: false
nginx_limit_req: false
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment