]> git-server-git.apps.pok.os.sepia.ceph.com Git - ceph-cm-ansible.git/commitdiff
public_facing: Support overriding fail2ban bantime per service 421/head
authorDavid Galloway <dgallowa@redhat.com>
Thu, 15 Nov 2018 15:38:52 +0000 (10:38 -0500)
committerDavid Galloway <dgallowa@redhat.com>
Thu, 15 Nov 2018 15:38:52 +0000 (10:38 -0500)
Signed-off-by: David Galloway <dgallowa@redhat.com>
roles/public_facing/README.rst
roles/public_facing/templates/f2b.service.j2

index b5a29adeafd69109120563fdc10dc3d85fb54181..186bfc9fade24fe68cb546b60752a22bda1e21b9 100644 (file)
@@ -46,6 +46,7 @@ Defined in ``roles/public_facing/defaults/main.yml``  Override these in the ansi
         maxretry: 3
         filter: "sshd-ddos"
         logpath: "{{ sshd_logpath }}"
+        bantime: -1 # optionally set in host_vars
 
     # Note: sshd_logpath gets defined automatically in roles/public_facing/tasks/fail2ban.yml
 
index 9d176d29f9e3cba1668c39b8abaf5d0892c69456..b0c09c8e67b8d348f1e251c78eabd983260ae355 100644 (file)
@@ -18,3 +18,6 @@ logpath = {{ item.value.logpath }}
 {% if item.value.filter is defined %}
 filter = {{ item.value.filter }}
 {% endif %}
+{% if item.value.bantime is defined %}
+bantime = {{ item.value.bantime }}
+{% endif %}