X-Git-Url: https://git.phdru.name/?a=blobdiff_plain;f=playbooks%2Froles%2Fdebian%2Ffirewall%2Ftasks%2Fmain.yml;fp=playbooks%2Froles%2Fdebian%2Ffirewall%2Ftasks%2Fmain.yml;h=e36bd89f3e71e24a838f638ae3325d664be99434;hb=424c41462e9f4f38fdf666f2180342a8268a95c7;hp=0000000000000000000000000000000000000000;hpb=412c5f3f80f4aadecce7e27f6d0f8616a665f48d;p=ansible.git

diff --git a/playbooks/roles/debian/firewall/tasks/main.yml b/playbooks/roles/debian/firewall/tasks/main.yml
new file mode 100644
index 0000000..e36bd89
--- /dev/null
+++ b/playbooks/roles/debian/firewall/tasks/main.yml
@@ -0,0 +1,28 @@
+- name: Install fail2ban
+  become: true
+  apt:
+    cache_valid_time: 3600
+    install_recommends: no
+    name: fail2ban
+    state: latest
+    update_cache: yes
+  notify: Restart firewall
+
+- name: Configure Debian firewall
+  become: true
+  copy:
+    src: etc
+    dest: /
+    owner: root
+    group: root
+    directory_mode: '0750'
+    mode: '0750'
+    force: no
+  notify: Restart firewall
+
+- name: Fix permissions for /etc/network/functions
+  become: true
+  file:
+    path: /etc/network/functions.phd
+    mode: '0640'
+  notify: Restart firewall