Merge pull request 'feat ✨: Add Fail2ban integration with Proxmox Firewall' (#43 ) from dev into main

Reviewed-on: #43
Merge pull request 'feat ✨: Add new task to stop log2ram before extracting it' (#42 ) from dev into main
2026-02-24 19:22:28 +01:00 · 2026-02-16 20:54:28 +01:00 · 2026-02-16 19:31:01 +01:00 · 2026-02-16 18:50:07 +01:00 · 2026-02-16 18:28:08 +01:00 · 2026-02-16 17:58:40 +01:00
5 changed files with 201 additions and 334 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -49,10 +49,10 @@ vm_dirty_background_ratio: 5
 vm_swappiness: "{{ proxmox_swapiness }}"

 # Fail2ban settings
-f2b_bantime: 600              # 10 minutes
-f2b_findtime: 1200            # 20 minutes
+f2b_bantime: 1800             # 30 minutes
+f2b_findtime: 600
 f2b_maxretry: 5
-f2b_recidive_bantime: 3600     # 1 hours
+f2b_recidive_bantime: 86400    # 24 hours
 f2b_recidive_findtime: 86400   # 24 hours
 f2b_recidive_maxretry: 3
 f2b_ipset_name: f2b-blacklist
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -32,18 +32,10 @@
  ansible.builtin.systemd:
    daemon_reload: true

- name: Reload fail2ban
-  ansible.builtin.systemd:
-    name: fail2ban
-    state: reloaded
-    enabled: true
-
 - name: Restart fail2ban
  ansible.builtin.systemd:
    name: fail2ban
-    state: restarted
-    enabled: true
-
+    state: reloaded

 - name: Reload pve firewall
  ansible.builtin.command: pve-firewall reload
--- a/meta/fail2ban.md
+++ b/meta/fail2ban.md
@@ -1,110 +0,0 @@
-# Fail2Ban Integration with Proxmox Firewall
-
-This Ansible playbook deploys and configures **Fail2Ban** on a Proxmox VE
-environment, integrating it with the **Proxmox firewall** for cluster-aware
-IP banning. It supports both single-node and clustered Proxmox setups.
-
---
-
-## Features
-
- Detects Proxmox VE installation.
- Checks cluster filesystem (`pmxcfs`) and quorum before modifying firewall.
- Detects cluster membership via `corosync.conf`.
- Installs and configures Fail2Ban with:
-  - SSH protection
-  - Proxmox GUI / AD login protection
-  - Progressive ban escalation (recidive jail)
- Deploys a **cluster-aware Fail2Ban action** (`proxmox-fw`) for Proxmox
-  firewall integration.
- Ensures safe firewall updates without affecting Corosync ports (5404/5405).
- Supports single-node Fail2Ban using `iptables-multiport`.
- Enables and starts the Fail2Ban service.
- Provides tasks to list or manually unban IPs in the cluster.
-
---
-
-## Requirements
-
- **Proxmox VE** (any supported version)
- **Ansible** ≥ 2.9
- Root or sudo access on target nodes
- Proxmox firewall enabled for cluster-wide banning (optional, but recommended)
-
---
-
-## Variables
-
-The playbook uses the following variables (can be defined in a `vars` file or
-inventory group vars):
-
-| Variable                | Description                     | Default         |
-|-------------------------|---------------------------------|-----------------|
-| `f2b_bantime`           | Ban per tentativi falliti       | `600s`          |
-| `f2b_findtime`          | Finestra per contare fallimenti | `1200s`         |
-| `f2b_maxretry`          | Tentativi prima del ban         | `5`             |
-| `f2b_bantime_increment` | Abilita ban incrementale        | `true`          |
-| `f2b_bantime_factor`    | Fattore aumento ban             | `2`             |
-| `f2b_bantime_max`       | Durata massima del ban          | `7d`            |
-| `f2b_recidive_bantime`  | Ban per recidiva                | `3600`          |
-| `f2b_recidive_findtime` | Finestra recidiva               | `86400`         |
-| `f2b_recidive_maxretry` | Tentativi recidiva              | `3`             |
-| `f2b_ipset_name`        | Nome IPSet per IP bannati       | `f2b-blacklist` |
-| `f2b_unban_ip`          | IP da sbloccare                 | `""`            |
-
-> All `clustered` and `pmxcfs_running` checks default to `false` to prevent
-> errors on non-clustered or single-node setups.
-
---
-
-## Usage
-
-### 1. Apply the playbook
-
-```bash
-ansible-playbook -i inventory fail2ban-proxmox.yml
-```
-
-### 2. List current banned IPs
-
-```bash
-ansible-playbook \
-  -i inventory \
-  fail2ban-proxmox.yml \
-  -e "f2b_ipset_name=fail2ban" \
-  -t list_banned
-```
-
-### 3. Unban a specific IP
-
-```bash
-ansible-playbook -i inventory fail2ban-proxmox.yml -e "f2b_unban_ip=1.2.3.4"
-```
-
-## How It Works
-
- Detects Proxmox – ensures the playbook runs only on Proxmox VE hosts.
- Cluster safety checks – verifies /etc/pve/.members and corosync.conf
-  for quorum.
- Installs Fail2Ban – ensures /etc/fail2ban/jail.local exists and applies
-  configuration.
- Cluster-aware action – for clustered nodes, Fail2Ban bans are added to
-  Proxmox firewall and compiled immediately (pve-firewall compile).
- Single-node fallback – uses iptables-multiport for nodes not in
-  a cluster.
- Corosync protection – prevents firewall rules from dropping cluster
-  communication ports (5404/5405).
-
-## Notes & Safety
-
- The playbook does not copy jail.conf, only manages jail.local.
- Firewall rules for clustered nodes are only modified if quorum exists.
- pve-firewall compile is called safely (>/dev/null 2>&1 || true)
-  to prevent playbook failure on minor compilation warnings.
- Manual unban is supported via f2b_unban_ip variable.
- Always verify that the Proxmox firewall is enabled when using
-  cluster-wide bans.
-
-## License
-
-MIT License
--- a/tasks/fail2ban.yml
+++ b/tasks/fail2ban.yml
@@ -4,138 +4,17 @@
 # -------------------------------------------------

 #################################################
-# Detect Proxmox
+# Detect cluster
 #################################################

- name: fail2ban | Detect Proxmox
-  ansible.builtin.stat:
-    path: /usr/bin/pveversion
-  register: pve_installed
-
-#################################################
-# Ensure pmxcfs is mounted (cluster filesystem)
-#################################################
-
- name: fail2ban | Check pmxcfs cluster filesystem
-  ansible.builtin.stat:
-    path: /etc/pve/.members
-  register: pmxcfs_running
-  when: pve_installed.stat.exists | default(false)
-
- name: fail2ban | Warn if pmxcfs not mounted (no quorum)
-  ansible.builtin.debug:
-    msg: >
-      /etc/pve is not mounted or node has no quorum.
-      Refusing to modify cluster firewall.
-  when:
-    - pve_installed.stat.exists | default(false)
-    - not pmxcfs_running.stat.exists
-
-#################################################
-# Detect cluster membership
-#################################################
-
- name: fail2ban | Detect Proxmox cluster membership
+- name: fail2ban | Detect Proxmox cluster
  ansible.builtin.stat:
    path: /etc/pve/corosync.conf
-  register: clustered
-  when: pmxcfs_running.stat.exists | default(false)
+  register: cluster_status

- name: fail2ban | Warn if corosync.conf is missing
-  ansible.builtin.debug:
-    msg: >
-      node has no quorum.
-      Refusing to modify cluster firewall.
-  when:
-    - pve_installed.stat.exists | default(false)
-    - pmxcfs_running.stat.exists | default(false)
-    - not clustered.stat.exists
-
-#################################################
-# Install Fail2Ban
-#################################################
-
- name: fail2ban | Install fail2ban
-  ansible.builtin.apt:
-    name: fail2ban
-    state: present
-    update_cache: true
-
-#################################################
-# Ensure jail.local exists (do NOT copy jail.conf)
-#################################################
-
- name: fail2ban | Ensure jail.local exists
-  ansible.builtin.file:
-    path: /etc/fail2ban/jail.local
-    state: touch
-    owner: root
-    group: root
-    mode: '0644'
-
-#################################################
-# Configure Fail2Ban jails
-#################################################
-
- name: fail2ban | Configure Fail2Ban jails
-  ansible.builtin.blockinfile:
-    dest: /etc/fail2ban/jail.local
-    marker: "# {mark} ANSIBLE MANAGED BLOCK - PROXMOX"
-    block: |
-      # jail.conf (default)
-      # jail.local (override defaults)
-      [DEFAULT]
-      bantime  = {{ f2b_bantime }}
-      findtime = {{ f2b_findtime }}
-      maxretry = {{ f2b_maxretry }}
-      bantime.increment = {{ f2b_bantime_increment }}
-      bantime.factor = {{ f2b_bantime_factor }}
-      bantime.maxtime = {{ f2b_bantime_max }}
-      backend  = systemd
-      banaction = {% if (clustered.stat.exists | default(false)) %} proxmox-fw{% else %} iptables-multiport{% endif %}
-      ignoreip = 127.0.0.1/8 192.168.2.0/24
-
-      #################################################
-      # SSH
-      #################################################
-      [sshd]
-      enabled = true
-
-      #################################################
-      # Proxmox GUI + AD authentication
-      #################################################
-      [proxmox]
-      enabled  = true
-      port = https,http,8006
-      filter   = proxmox
-
-      #################################################
-      # Progressive escalation (recidive)
-      #################################################
-      [recidive]
-      enabled  = true
-      filter   = recidive
-      logpath  = /var/log/fail2ban.log
-      bantime  = {{ f2b_recidive_bantime }}
-      findtime = {{ f2b_recidive_findtime }}
-      maxretry = {{ f2b_recidive_maxretry }}
-      banaction = {% if (clustered.stat.exists | default(false)) %} proxmox-fw{% else %} iptables-multiport{% endif %}
-  notify:
-    - Reload fail2ban
-
- name: fail2ban | Place Proxmox filter definition
-  ansible.builtin.copy:
-    dest: /etc/fail2ban/filter.d/proxmox.conf
-    content: |
-      [Definition]
-      failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
-      ignoreregex =
-      journalmatch = _SYSTEMD_UNIT=pvedaemon.service
-    owner: root
-    group: root
-    mode: '0644'
-  notify:
-    - Reload fail2ban
+- name: fail2ban | Set cluster fact
+  ansible.builtin.set_fact:
+    pve_clustered: "{{ cluster_status.stat.exists }}"

 #################################################
 # Determine Correct Firewall File
@@ -144,23 +23,15 @@
 - name: fail2ban | Get Proxmox node name
  ansible.builtin.set_fact:
    pve_node: "{{ ansible_hostname }}"
-  when: not clustered.stat.exists

 - name: fail2ban | Set firewall config path
  ansible.builtin.set_fact:
    pve_firewall_config: >-
      {{
        '/etc/pve/firewall/cluster.fw'
-        if clustered.stat.exists
-        else '/etc/pve/nodes/' + pve_node + '/host.fw'
+        if pve_clustered
+        else '/etc/pve/firewall/' + pve_node.stdout + '.fw'
      }}
-  when: pve_installed.stat.exists | default(false)
-
- name: fail2ban | Show firewall config path
-  ansible.builtin.debug:
-    msg: >
-      WARNING: Proxmox firewall config path is:  {{ pve_firewall_config}}
-  when: pve_firewall_config is defined

 #################################################
 # Detect firewall configuration
@@ -170,27 +41,19 @@
  ansible.builtin.stat:
    path: "{{ pve_firewall_config }}"
  register: fw_stat
-  when: pve_firewall_config is defined

 - name: fail2ban | Read firewall config
  ansible.builtin.slurp:
    src: "{{ pve_firewall_config }}"
  register: fw_content
-  when: fw_stat.stat.exists | default(false)
-
- name: fail2ban | Debug config contents
-  ansible.builtin.debug:
-    msg: >
-      {{ fw_content }}
-  when: fw_stat.stat.exists | default(false)
+  when: fw_stat.stat.exists

 - name: fail2ban | Determine if firewall enabled
  ansible.builtin.set_fact:
    pve_firewall_enabled: >-
      {{
        fw_stat.stat.exists and
-        (fw_content.content | b64decode)
-        is search('^enable:\s*1$', multiline=True)
+        (fw_content.content | b64decode) is search('enable:\s*1')
      }}

 - name: fail2ban | Warn if firewall not enabled
@@ -209,18 +72,13 @@
  register: pve_fw_status
  changed_when: false
  failed_when: false
-  when: pmxcfs_running.stat.exists | default(false)

 - name: fail2ban | Abort if firewall daemon not running
-  ansible.builtin.debug:
+  ansible.builtin.fail:
    msg: >
      Proxmox firewall service is not running.
-      You can run: systemctl enable --now pve-firewall
-  when:
-    - pve_fw_status is defined
-    - pve_fw_status.rc != 0
-    - fw_stat.stat.exists | default(false)
-    - pmxcfs_running.stat.exists | default(false)
+      Run: systemctl enable --now pve-firewall
+  when: pve_fw_status.rc != 0

 #################################################
 # Corosync safety validation
@@ -230,51 +88,181 @@
  ansible.builtin.command: pve-firewall compile
  register: compiled_fw
  changed_when: false
-  failed_when: compiled_fw.rc != 0
-  when: clustered.stat.exists | default(false)
+  failed_when: fw_compile_check.rc != 0
+  when: cluster_status.stat.exists

 - name: fail2ban | Fail if corosync ports are being dropped
-  ansible.builtin.debug:
+  ansible.builtin.fail:
    msg: >
      Firewall configuration appears to affect Corosync ports (5404/5405).
      Refusing to continue to prevent cluster outage.
  when:
-    - clustered.stat.exists | default(false)
+    - cluster_status.stat.exists
    - compiled_fw.stdout is search('5404.*DROP|5405.*DROP')

 #################################################
-# Deploy cluster-aware Fail2Ban action
+# Install Fail2Ban
 #################################################

- name: fail2ban | Deploy proxmox-fw action
+- name: fail2ban | Install fail2ban
+  ansible.builtin.apt:
+    name: fail2ban
+    state: present
+    update_cache: true
+
+#################################################
+# Create Proxmox firewall IPSet
+#################################################
+
+- name: fail2ban | Add Fail2Ban IPSet to firewall
+  ansible.builtin.blockinfile:
+    path: "{{ pve_firewall_config }}"
+    marker: "# {mark} ANSIBLE FAIL2BAN IPSET"
+    insertbefore: BOF
+    block: |
+      [IPSET {{ f2b_ipset_name }}]
+      comment: Fail2Ban dynamic blacklist
+    create: false
+    register: ipset_change
+  notify: Reload pve firewall
+  # noqa risky-file-permissions
+
+- name: fail2ban | Add drop rule for Fail2Ban IPSet
+  ansible.builtin.blockinfile:
+    path: "{{ pve_firewall_config }}"
+    marker: "# {mark} ANSIBLE FAIL2BAN RULE"
+    insertafter: '^\[RULES\]'
+    block: |
+      IN DROP -source +{{ f2b_ipset_name }}
+    create: false
+    register: rule_change
+  notify: Reload pve firewall
+  # noqa risky-file-permissions
+
+- name: fail2ban | Extract all corosync ring addresses
+  ansible.builtin.shell: |
+    set -o pipefail
+    awk '/ring[0-9]+_addr/ {print $2}' /etc/pve/corosync.conf
+  args:
+    executable: /bin/bash
+  register: corosync_ips
+  changed_when: false
+  when: pve_clustered
+
+- name: fail2ban | Determine CIDR for each corosync IP
+  ansible.builtin.command: ip route get {{ item }}
+  register: corosync_routes
+  changed_when: false
+  loop: "{{ corosync_ips.stdout_lines }}"
+  when: pve_clustered
+
+- name: fail2ban | Extract network CIDRs
+  ansible.builtin.set_fact:
+    corosync_networks: >-
+      {{
+        corosync_routes.results
+        | map(attribute='stdout')
+        | map('regex_search', 'src ([0-9.]+)/([0-9]+)', '\\1/\\2')
+        | list
+      }}
+  when: pve_clustered
+
+- name: fail2ban | Validate Proxmox firewall configuration
+  ansible.builtin.command: pve-firewall compile
+  when: ipset_change.changed or rule_change.changed
+  changed_when: false
+  failed_when: fw_compile_check.rc != 0
+  register: fw_compile_check
+
+# Then automatically whitelist it in Fail2Ban:
+# ignoreip = 127.0.0.1/8 {{ corosync_ip.stdout }}
+
+#################################################
+# Create Fail2Ban Proxmox action
+#################################################
+
+- name: fail2ban | Create Proxmox firewall action
  ansible.builtin.copy:
    dest: /etc/fail2ban/action.d/proxmox-fw.conf
-    owner: root
-    group: root
    mode: '0644'
    content: |
      [Definition]
-
-      fwfile = {{ pve_firewall_config }}
-
-      rule = DROP    -source <ip> -log nolog
-
-      actionban = \
-          if [ -f <fwfile> ]; then \
-              grep -qF "<rule>" <fwfile> || echo "<rule>" >> <fwfile>; \
-              pve-firewall compile >/dev/null 2>&1 || true; \
-          fi
-
-      actionunban = \
-          if [ -f <fwfile> ]; then \
-              sed -i "\|<rule>|d" <fwfile>; \
-              pve-firewall compile >/dev/null 2>&1 || true; \
-          fi
-
      actionstart =
      actionstop =
-  when:
-    - clustered.stat.exists | default(false)
+      actioncheck =
+      actionban = /usr/sbin/pve-firewall ipset add {{ f2b_ipset_name }} <ip>
+      actionunban = /usr/sbin/pve-firewall ipset del {{ f2b_ipset_name }} <ip>
+
+#################################################
+# Configure AD-aware jail
+#################################################
+
+- name: fail2ban | Ensure jail.d exists
+  ansible.builtin.file:
+    path: /etc/fail2ban/jail.d
+    state: directory
+    mode: '0755'
+
+- name: fail2ban | Configure Fail2Ban jails
+  ansible.builtin.copy:
+    dest: /etc/fail2ban/jail.d/proxmox.conf
+    mode: '0644'
+    content: |
+      [DEFAULT]
+      bantime  = {{ f2b_bantime }}
+      findtime = {{ f2b_findtime }}
+      maxretry = {{ f2b_maxretry }}
+      bantime.increment = {{ f2b_bantime_increment }}
+      bantime.factor = {{ f2b_bantime_factor }}
+      bantime.max = {{ f2b_bantime_max }}
+      backend  = systemd
+      banaction = proxmox-fw
+      ignoreip = 127.0.0.1/8{% if pve_clustered %} {{ corosync_networks | join(' ') }}{% endif %} 192.168.2.0/24
+
+      #################################################
+      # SSH
+      #################################################
+      [sshd]
+      enabled = true
+      journalmatch = _SYSTEMD_UNIT=sshd.service
+
+      #################################################
+      # Proxmox GUI + AD authentication
+      #################################################
+      [proxmox-auth]
+      enabled  = true
+      port     = https,8006
+      filter   = proxmox-auth
+      logpath  = /var/log/pveproxy/access.log
+
+      #################################################
+      # Progressive escalation (recidive)
+      #################################################
+      [recidive]
+      enabled  = true
+      filter   = recidive
+      logpath  = /var/log/fail2ban.log
+      bantime  = {{ f2b_recidive_bantime }}
+      findtime = {{ f2b_recidive_findtime }}
+      maxretry = {{ f2b_recidive_maxretry }}
+      banaction = proxmox-fw
+  notify:
+    - Restart fail2ban
+
+#################################################
+# AD / Winbind filter
+#################################################
+
+- name: fail2ban | Create AD-aware filter
+  ansible.builtin.copy:
+    dest: /etc/fail2ban/filter.d/proxmox-auth.conf
+    mode: '0644'
+    content: |
+      [Definition]
+      failregex = authentication failure; rhost=<HOST>
+                  pam_unix\(sshd:auth\): authentication failure;.*rhost=<HOST>
+                  winbind.*authentication for user.*from <HOST> failed
+      ignoreregex =
  notify:
    - Restart fail2ban

@@ -288,35 +276,35 @@
    enabled: true
    state: started

-# #################################################
-# # List banned IPs cluster-wide
-# #################################################
+#################################################
+# List banned IPs cluster-wide
+#################################################

-# - name: fail2ban | Get banned IPs from Proxmox IPSet
-#   ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }}
-#   register: banned_ips
-#   changed_when: false
-#   failed_when: false
+- name: fail2ban | Get banned IPs from Proxmox IPSet
+  ansible.builtin.command: pve-firewall ipset list {{ f2b_ipset_name }}
+  register: banned_ips
+  changed_when: false
+  failed_when: false

-# - name: fail2ban | Show banned IPs
-#   ansible.builtin.debug:
-#     msg: >
-#       Current banned IPs (cluster-wide):
-#       {{ banned_ips.stdout_lines | default([]) }}
+- name: fail2ban | Show banned IPs
+  ansible.builtin.debug:
+    msg: >
+      Current banned IPs (cluster-wide):
+      {{ banned_ips.stdout_lines | default([]) }}

-# #################################################
-# # Manual unban
-# #################################################
+#################################################
+# Manual unban
+#################################################

-# - name: fail2ban | Unban specific IP
-#   ansible.builtin.command: >
-#     pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }}
-#   when: f2b_unban_ip is defined and f2b_unban_ip | length > 0
-#   register: unban_result
-#   changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0"
-#   failed_when: false
+- name: fail2ban | Unban specific IP
+  ansible.builtin.command: >
+    pve-firewall ipset del {{ f2b_ipset_name }} {{ f2b_unban_ip }}
+  when: f2b_unban_ip | length > 0
+  register: unban_result
+  changed_when: "'removed' in unban_result.stdout or unban_result.rc == 0"
+  failed_when: false

-# - name: fail2ban | Report unban result
-#   ansible.builtin.debug:
-#     msg: "Unbanned IP {{ f2b_unban_ip }}"
-#   when: f2b_unban_ip | length > 0
+- name: fail2ban | Report unban result
+  ansible.builtin.debug:
+    msg: "Unbanned IP {{ f2b_unban_ip }}"
+  when: f2b_unban_ip | length > 0
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -42,6 +42,3 @@

 - name: Configure ram usage
  ansible.builtin.import_tasks: ram.yml
-
- name: SetUp fail2ban
-  ansible.builtin.import_tasks: fail2ban.yml
Author	SHA1	Message	Date
Jose	94726374ea	Merge pull request 'feat ✨: Add Fail2ban integration with Proxmox Firewall' (#43 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 13s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Markdown Lint / markdown-lint (push) Successful in 5s Details Mark stale issues and pull requests / stale (push) Successful in 3s Details Reviewed-on: #43	2026-02-24 19:22:28 +01:00
Jose	6f27f0c47c	Merge pull request 'feat ✨: Add new task to stop log2ram before extracting it' (#42 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 12s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Markdown Lint / markdown-lint (push) Successful in 5s Details Mark stale issues and pull requests / stale (push) Successful in 3s Details Reviewed-on: #42	2026-02-16 20:54:28 +01:00
Jose	d36e7c34bf	Merge pull request 'refactor ♻️: Reduce log2ram RAM allocation from 10% to 5%' (#41 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 13s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Markdown Lint / markdown-lint (push) Successful in 5s Details Reviewed-on: #41	2026-02-16 19:31:01 +01:00
Jose	6458a4e0cf	Merge pull request 'chore 📦: Update log2ram version to 1.7.2 and add dynamic versioning in ram.yml' (#40 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 12s Details Markdown Lint / markdown-lint (push) Successful in 6s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Reviewed-on: #40	2026-02-16 18:50:07 +01:00
Jose	2e570f6808	Merge pull request 'feat ✨: Add variable log2ram_host_memtotal_mb for storing host memory total in MB' (#39 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 12s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Markdown Lint / markdown-lint (push) Successful in 6s Details Reviewed-on: #39	2026-02-16 18:28:08 +01:00
Jose	1929ad13af	Merge pull request 'feat ✨: Add variable log2ram_host_memtotal_mb for storing host memory total in MB' (#37 ) from dev into main All checks were successful ansible-lint / Ansible Lint (push) Successful in 12s Details Gitleaks Scan / gitleaks (push) Successful in 4s Details Markdown Lint / markdown-lint (push) Successful in 5s Details Reviewed-on: #37	2026-02-16 17:58:40 +01:00