Automatically add overrides for fail2ban unit
This commit is contained in:
parent
5001448a81
commit
ac61739f91
|
@ -79,7 +79,6 @@ complexify his philosophy… (I'm pretty sure, i now did complexify it :D) ^^
|
||||||
* **nft_service_name** : `nftables` service name [default : `nftables`].
|
* **nft_service_name** : `nftables` service name [default : `nftables`].
|
||||||
* **nft_service_enabled** : Set `nftables` service available at startup [default : `true`].
|
* **nft_service_enabled** : Set `nftables` service available at startup [default : `true`].
|
||||||
* **nft__service_protect** : If systemd unit should protect system and home [default : `true`].
|
* **nft__service_protect** : If systemd unit should protect system and home [default : `true`].
|
||||||
* **nft__fail2ban_service** : If the Nftables service should also restart the Fail2ban service [default : `False`].
|
|
||||||
* **nft_merged_groups** : If variables from the hosts Ansible groups should be merged [default : `false`].
|
* **nft_merged_groups** : If variables from the hosts Ansible groups should be merged [default : `false`].
|
||||||
* **nft_merged_groups_dir** : The dictionary where the nftables group rules, named like the Ansible groups, are located in [default : `vars/`].
|
* **nft_merged_groups_dir** : The dictionary where the nftables group rules, named like the Ansible groups, are located in [default : `vars/`].
|
||||||
* **nft_debug** : Toggle more verbose output on/off. [default: 'false'].
|
* **nft_debug** : Toggle more verbose output on/off. [default: 'false'].
|
||||||
|
|
|
@ -573,18 +573,6 @@ nft__fail2ban_service_unit_path: '/etc/systemd/system/fail2ban.service.d/overrid
|
||||||
# Template used to provide systemd custom conf for Fail2Ban service.
|
# Template used to provide systemd custom conf for Fail2Ban service.
|
||||||
nft__fail2ban_service_unit_content: 'etc/systemd/system/fail2ban.service.d/override.conf.j2'
|
nft__fail2ban_service_unit_content: 'etc/systemd/system/fail2ban.service.d/override.conf.j2'
|
||||||
# ]]]
|
# ]]]
|
||||||
# .. envvar:: nft__fail2ban_service [[[
|
|
||||||
#
|
|
||||||
# If the Nftables systemd unit should also restart Fail2ban service. Possible
|
|
||||||
# options are :
|
|
||||||
#
|
|
||||||
# ``False``
|
|
||||||
# Default. Nftables service will not affect Fail2ban service.
|
|
||||||
#
|
|
||||||
# ``True``
|
|
||||||
# Any Nftables service (re)start will also restart Fail2ban service.
|
|
||||||
nft__fail2ban_service: False
|
|
||||||
# ]]]
|
|
||||||
#
|
#
|
||||||
# .. envvar:: nft_debug [[[
|
# .. envvar:: nft_debug [[[
|
||||||
#
|
#
|
||||||
|
|
|
@ -196,7 +196,6 @@
|
||||||
when:
|
when:
|
||||||
- nft_enabled|bool
|
- nft_enabled|bool
|
||||||
- nft_service_manage|bool
|
- nft_service_manage|bool
|
||||||
- nft__fail2ban_service|bool
|
|
||||||
|
|
||||||
- name: Install Debian Fail2Ban custom service
|
- name: Install Debian Fail2Ban custom service
|
||||||
template:
|
template:
|
||||||
|
@ -209,5 +208,4 @@
|
||||||
when:
|
when:
|
||||||
- nft_enabled|bool
|
- nft_enabled|bool
|
||||||
- nft_service_manage|bool
|
- nft_service_manage|bool
|
||||||
- nft__fail2ban_service|bool
|
|
||||||
notify: ['Restart nftables service']
|
notify: ['Restart nftables service']
|
||||||
|
|
Loading…
Reference in New Issue