Skip to content
Snippets Groups Projects
Commit 43346121 authored by Filip Polbratt's avatar Filip Polbratt
Browse files

Move fail2ban jail configuration to hiera

parent b5140035
No related branches found
No related tags found
No related merge requests found
Pipeline #562 canceled
...@@ -2,3 +2,22 @@ ...@@ -2,3 +2,22 @@
lysnetwork::ssh::server_package: openssh-server lysnetwork::ssh::server_package: openssh-server
lysnetwork::ssh::client_package: openssh lysnetwork::ssh::client_package: openssh
lysnetwork::ssh::service_name: ssh lysnetwork::ssh::service_name: ssh
lysnetwork::fail2ban::config:
DEFAULT:
banaction: iptables-multiport
ignoreip: 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 130.236.254.0/24
backend: systemd
sshd:
enabled: true
findtime: 3600
maxretry: 5
sshlongterm:
banaction: iptables-multiport
port: ssh
logpath: "%(sshd_log)s"
maxretry: 30
findtime: 259200
bantime: 608400
enabled: true
filter: sshd
\ No newline at end of file
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment