Jose/ansible_role_proxmox_provision
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'chore 📦: Update build scripts for CI/CD pipeline' (#47) from dev into main
All checks were successful
ansible-lint / Ansible Lint (push) Successful in 12s
Details
Gitleaks Scan / gitleaks (push) Successful in 4s
Details
Markdown Lint / markdown-lint (push) Successful in 5s
Details

Browse Source 
Reviewed-on: #47
This commit was merged in pull request #47.
This commit is contained in:
Jose
2026-03-01 12:02:41 +01:00
parent 4b80cfe531 3054a97d15
commit 465ecfefc8
1 changed files with 27 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
tasks/fail2ban.yml
View File

@@ -279,35 +279,35 @@
enabled: true enabled: true
state: started state: started
################################################# # #################################################
# List banned IPs cluster-wide # # List banned IPs cluster-wide
################################################# # #################################################
- name: fail2ban | Get banned IPs from Proxmox IPSet # - name: fail2ban | Get banned IPs from Proxmox IPSet
ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }} # ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }}
register: banned_ips # register: banned_ips
changed_when: false # changed_when: false
failed_when: false # failed_when: false
- name: fail2ban | Show banned IPs # - name: fail2ban | Show banned IPs
ansible.builtin.debug: # ansible.builtin.debug:
msg: > # msg: >
Current banned IPs (cluster-wide): # Current banned IPs (cluster-wide):
{{ banned_ips.stdout_lines | default([]) }} # {{ banned_ips.stdout_lines | default([]) }}
################################################# # #################################################
# Manual unban # # Manual unban
################################################# # #################################################
- name: fail2ban | Unban specific IP # - name: fail2ban | Unban specific IP
ansible.builtin.command: > # ansible.builtin.command: >
pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }} # pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }}
when: f2b_unban_ip is defined and f2b_unban_ip | length > 0 # when: f2b_unban_ip is defined and f2b_unban_ip | length > 0
register: unban_result # register: unban_result
changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0" # changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0"
failed_when: false # failed_when: false
- name: fail2ban | Report unban result # - name: fail2ban | Report unban result
ansible.builtin.debug: # ansible.builtin.debug:
msg: "Unbanned IP {{ f2b_unban_ip }}" # msg: "Unbanned IP {{ f2b_unban_ip }}"
when: f2b_unban_ip | length > 0 # when: f2b_unban_ip | length > 0