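---
# Install Fail2ban on Debian/Ubuntu hosts, protect sshd with an iptables ban
# and post a Mattermost message for every ban.
#
# Required variables (inventory, group_vars or --extra-vars):
#   ssh_port            port sshd listens on (used by the jail and the ban rule)
#   mattermost_webhook  incoming-webhook URL. It is a secret: keep it out of
#                       VCS (e.g. Ansible Vault) and never hard-code it here.
#                       Any webhook URL that was previously committed in this
#                       file should be treated as exposed and rotated.
- name: Install and configure Fail2ban with Mattermost notifications
  hosts: servers
  become: true
  gather_facts: false

  pre_tasks:
    # Fail early with a clear message instead of a template error deep in the
    # copy tasks. Do NOT re-declare these under `vars:` as "{{ ssh_port }}":
    # a play var that references itself is a recursive template loop, and
    # play vars would also shadow inventory values.
    - name: Check that the required variables are set
      assert:
        that:
          - ssh_port is defined
          - mattermost_webhook is defined
          - mattermost_webhook | length > 0
        fail_msg: "ssh_port and mattermost_webhook must be provided (inventory or --extra-vars)"

  tasks:
    # One apt transaction for both packages; iptables is required by the
    # iptables-multiport action configured in jail.local.
    - name: Install Fail2ban and iptables
      apt:
        name:
          - fail2ban
          - iptables
        state: present
        update_cache: true

    - name: Configure Fail2ban jail.local
      copy:
        dest: /etc/fail2ban/jail.local
        owner: root
        group: root
        mode: "0644"
        # fail2ban reads one action per line; the continuation line must be
        # indented so the INI parser attaches it to `action`.
        content: |
          [sshd]
          enabled = true
          port = {{ ssh_port }}
          filter = sshd
          maxretry = 3
          findtime = 600
          bantime = 1800
          backend = systemd
          action = iptables-multiport[name=SSH, port={{ ssh_port }}, protocol=tcp, chain=INPUT, blocktype=DROP]
                   mattermost
      notify: Restart Fail2ban

    # The rendered file embeds the webhook URL, which is a bearer-style secret:
    # root-only permissions, and no_log so it is not echoed by --diff, -v or
    # the task log (this also hides the error detail if the task fails).
    # curl --fail makes a rejected webhook call (e.g. revoked token) show up
    # as an action error in the fail2ban log instead of passing silently.
    - name: Create Mattermost action file
      copy:
        dest: /etc/fail2ban/action.d/mattermost.conf
        owner: root
        group: root
        mode: "0600"
        content: |
          [Definition]
          actionstart =
          actionstop =
          actionban = curl --silent --show-error --fail -X POST -H "Content-Type: application/json" --data "{\"text\": \"🚨 *$(hostname -s)* : **Fail2ban** a banni l'IP **<ip>** après trop d'échecs SSH 🚨\"}" "{{ mattermost_webhook }}"
          actionunban =
      no_log: true
      notify: Restart Fail2ban

    # Started after the configuration is in place so the first start already
    # loads jail.local and the action file; the handler restarts it on later
    # changes.
    - name: Ensure Fail2ban service is started and enabled
      systemd:
        name: fail2ban
        state: started
        enabled: true

  handlers:
    - name: Restart Fail2ban
      systemd:
        name: fail2ban
        state: restarted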