mirror of
https://github.com/transatoshi-mw/grinminer.net.git
synced 2025-10-06 22:02:48 +00:00
32 lines
829 B
YAML
32 lines
829 B
YAML
- hosts: all
|
|
remote_user: root
|
|
tasks:
|
|
|
|
- name: Install fail2ban
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- fail2ban
|
|
state: latest
|
|
update_cache: yes
|
|
|
|
- name: Download and install fail2ban
|
|
ansible.builtin.shell:
|
|
cmd: cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
|
|
cmd: systemctl enable fail2ban
|
|
cmd: systemctl start fail2ban
|
|
|
|
- name: Replace PermitRootLogin
|
|
ansible.builtin.replace:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: PermitRootLogin yes
|
|
replace: PermitRootLogin prohibit-password
|
|
|
|
- name: Replace PasswordAuthentication
|
|
ansible.builtin.replace:
|
|
path: /etc/ssh/sshd_config
|
|
regexp: PasswordAuthentication yes
|
|
replace: PasswordAuthentication no
|
|
|
|
- name: Restart SSH
|
|
ansible.builtin.shell:
|
|
cmd: systemctl restart ssh |