public-ansible-bootstrap/bootstrap.yml

---

-  hosts: 127.0.0.1
   connection: local

   tasks:
  
   - name: This command will echo text to a file as a test
     ansible.builtin.shell:
       cmd: echo 'hello' > /tmp/hello.txt

   - name: install fail2ban
     ansible.builtin.dnf:
       name: fail2ban
       state: present

   - name: enable sshd jail
     copy:
       dest: /etc/fail2ban/jail.local
       content: |
         [sshd]
         enabled = true
         port = ssh
         filter = sshd
         logpath = /var/log/auth.log
         maxretry = 3
         findtime = 300
         bantime = 600
         ignoreip = 127.0.0.1,169.231.0.0/16,128.111.0.0/16
       
   - name: start fail2ban
     ansible.builtin.systemd_service:
       state: started
       enabled: true
       name: fail2ban
first attempt at cloud init cased ansible 2024-03-20 16:07:38 -07:00			`---`

syntax, syntax 2024-03-20 16:57:08 -07:00			`- hosts: 127.0.0.1`
			`connection: local`

			`tasks:`
more testing 2024-03-20 16:31:01 -07:00
syntax, syntax 2024-03-20 16:57:08 -07:00			`- name: This command will echo text to a file as a test`
			`ansible.builtin.shell:`
			`cmd: echo 'hello' > /tmp/hello.txt`
more testing 2024-03-20 16:31:01 -07:00
syntax, syntax 2024-03-20 16:57:08 -07:00			`- name: install fail2ban`
			`ansible.builtin.dnf:`
			`name: fail2ban`
			`state: present`
add jail.local 2024-03-20 17:37:54 -07:00
			`- name: enable sshd jail`
			`copy:`
			`dest: /etc/fail2ban/jail.local`
			`content: \|`
			`[sshd]`
			`enabled = true`
			`port = ssh`
			`filter = sshd`
			`logpath = /var/log/auth.log`
			`maxretry = 3`
			`findtime = 300`
			`bantime = 600`
			`ignoreip = 127.0.0.1,169.231.0.0/16,128.111.0.0/16`
syntax, syntax 2024-03-20 16:57:08 -07:00
			`- name: start fail2ban`
			`ansible.builtin.systemd_service:`
			`state: started`
			`enabled: true`
			`name: fail2ban`