Jose/ansible_role_proxmox_provision
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'chore 📦: Update build scripts for CI/CD pipeline' (#47) from dev into main
All checks were successful
ansible-lint / Ansible Lint (push) Successful in 12s
Details
Gitleaks Scan / gitleaks (push) Successful in 4s
Details
Markdown Lint / markdown-lint (push) Successful in 5s
Details

Browse Source 
Reviewed-on: #47
This commit was merged in pull request #47.
This commit is contained in:
Jose
2026-03-01 12:02:41 +01:00
parent 4b80cfe531 3054a97d15
commit 465ecfefc8
1 changed files with 27 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
tasks/fail2ban.yml
View File

@@ -279,35 +279,35 @@
enabled: true
state: started
#################################################
# List banned IPs cluster-wide
#################################################
# #################################################
# # List banned IPs cluster-wide
# #################################################
- name: fail2ban | Get banned IPs from Proxmox IPSet
ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }}
register: banned_ips
changed_when: false
failed_when: false
# - name: fail2ban | Get banned IPs from Proxmox IPSet
# ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }}
# register: banned_ips
# changed_when: false
# failed_when: false
- name: fail2ban | Show banned IPs
ansible.builtin.debug:
msg: >
Current banned IPs (cluster-wide):
{{ banned_ips.stdout_lines | default([]) }}
# - name: fail2ban | Show banned IPs
# ansible.builtin.debug:
# msg: >
# Current banned IPs (cluster-wide):
# {{ banned_ips.stdout_lines | default([]) }}
#################################################
# Manual unban
#################################################
# #################################################
# # Manual unban
# #################################################
- name: fail2ban | Unban specific IP
ansible.builtin.command: >
pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }}
when: f2b_unban_ip is defined and f2b_unban_ip | length > 0
register: unban_result
changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0"
failed_when: false
# - name: fail2ban | Unban specific IP
# ansible.builtin.command: >
# pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }}
# when: f2b_unban_ip is defined and f2b_unban_ip | length > 0
# register: unban_result
# changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0"
# failed_when: false
- name: fail2ban | Report unban result
ansible.builtin.debug:
msg: "Unbanned IP {{ f2b_unban_ip }}"
when: f2b_unban_ip | length > 0
# - name: fail2ban | Report unban result
# ansible.builtin.debug:
# msg: "Unbanned IP {{ f2b_unban_ip }}"
# when: f2b_unban_ip | length > 0