X-Git-Url: https://git.phdru.name/?a=blobdiff_plain;f=playbooks%2Fdebian%2Froles%2Ffirewall%2Ftasks%2Fmain.yml;fp=playbooks%2Fdebian%2Froles%2Ffirewall%2Ftasks%2Fmain.yml;h=02d5b206ed69e8195901b0db5b3a703461233deb;hb=2f99edf4242d4378f68da2b4d77efb8aa33bd445;hp=0000000000000000000000000000000000000000;hpb=e04e6116652d0496b51bd2dec7507c5fac209d73;p=ansible.git

diff --git a/playbooks/debian/roles/firewall/tasks/main.yml b/playbooks/debian/roles/firewall/tasks/main.yml
new file mode 100644
index 0000000..02d5b20
--- /dev/null
+++ b/playbooks/debian/roles/firewall/tasks/main.yml
@@ -0,0 +1,27 @@
+- name: Install fail2ban
+  become: true
+  apt:
+    install_recommends: no
+    name: fail2ban
+    state: latest
+    update_cache: yes
+
+- name: Configure Debian firewall
+  become: true
+  copy:
+    src: etc
+    dest: /
+    owner: root
+    group: root
+    mode: '0750'
+    force: no
+
+- name: Fix permissions for /etc/network/functions
+  become: true
+  file:
+    path: /etc/network/functions.phd
+    mode: '0640'
+
+- name: Start Debian firewall
+  become: true
+  command: /etc/init.d/iptables.sh start