Ansible Playbooks
Fail2Ban Installation & SSH Configuration
Welcome
This playbook installs fail2ban on the target hosts, deploys a specific fail2ban configuration for SSH security, and restarts the fail2ban service to apply the changes. This helps protect the servers from unauthorized SSH login attempts by blocking IP addresses that exhibit suspicious behavior.
Please be aware, the coding on this site is meant to guide. Testing these scripts in a non-production environment is strongly encouraged. I take no responsibility for use of any scripts on this site or on my github repositories.
Additional information: Click Here (External Resource)Playbook:
---
- name: Install fail2ban and configure sshd
hosts: "{{ my_hosts | d([]) }}"
become: true
tasks:
- name: Install fail2ban
ansible.builtin.apt:
name:
- fail2ban
update_cache: true
- name: Copy fail2ban config file
ansible.builtin.copy:
src: configfiles/debian-sshd-default.conf
dest: /etc/fail2ban/jail.d/debian-sshd-default.conf
mode: '0644'
owner: root
group: root
- name: Restart fail2ban
ansible.builtin.systemd_service:
state: restarted
daemon_reload: true
name: fail2ban