| author | boom2 <blizzack@blizzack.com> | 2023-12-21 23:17:53 -0500 |
|---|---|---|
| committer | boom2 <blizzack@blizzack.com> | 2023-12-21 23:17:53 -0500 |
| commit | e546f2ba800a55663ae04f18f8b01e86e1deac90 (patch) | |
| tree | 0179f56d978ca3f3896a49b7b8cdda6305161c99 /ansible-practice/system/18-playbook-slackbuild-fail2ban.yml | |
| parent | 200680e7c8cbd6b4426c3ce232568b1e06446bde (diff) | |
- initial commit for fail2ban playbook
Diffstat (limited to 'ansible-practice/system/18-playbook-slackbuild-fail2ban.yml')
| -rw-r--r-- | ansible-practice/system/18-playbook-slackbuild-fail2ban.yml | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/ansible-practice/system/18-playbook-slackbuild-fail2ban.yml b/ansible-practice/system/18-playbook-slackbuild-fail2ban.yml
new file mode 100644
index 0000000..4bd28b2
--- /dev/null
+++ b/ansible-practice/system/18-playbook-slackbuild-fail2ban.yml
@@ -0,0 +1,74 @@
+# fail2ban slackbuild install
+#
+#
+---
+- name: import another playbook
+ ansible.builtin.import_playbook: 17-playbook-slackbuild-rsync-repo.yml
+
+- name: "18 - custom ansible - install fail2ban slackbuild"
+ become: yes # Run tasks with root/sudo privileges
+ hosts: dev
+ vars:
+ rc_local: /etc/rc.d/rc.local
+ rc_local_shutdown: /etc/rc.d/rc.local_shutdown
+ rc_d: /etc/rc.d
+
+ tasks:
+ - name: "test - to see if '{{ rc_local }}' exists"
+ ansible.builtin.stat:
+ path: "{{ rc_local }}"
+ register: etc_rcd_rclocal
+ tags: ['register_etc_rcd_rclocal']
+
+ - name: "fail - if the '{{ rc_local }}' file does not exist !"
+ ansible.builtin.fail:
+ msg: "this host does not have {{ rc_local }}"
+ when: etc_rcd_rclocal.stat.isreg is not defined
+ tags: ['test_etc_rcd_rclocal_exists']
+
+ - name: append to /etc/rc.local
+ ansible.builtin.blockinfile:
+ path: "{{ rc_local }}"
+ backup: true
+ block: |
+ if [ -x /etc/rc.d/rc.fail2ban ]; then
+ /etc/rc.d/rc.fail2ban start
+ fi
+ tags: ['append_to_etc_rcd_rclocal']
+
+ - name: "test - to see if '{{ rc_local_shutdown }}' exists"
+ ansible.builtin.stat:
+ path: "{{ rc_local_shutdown }}"
+ register: etc_rcd_rclocal_shutdown
+ tags: ['register_etc_rcd_rclocal_shutdown']
+
+ - name: "copy - {{ rc_local_shutdown }} from controller to managed node"
+ ansible.builtin.copy:
+ src: rc.local_shutdown # copying a local file
+ dest: "{{ rc_d }}/"
+ owner: root
+ group: root
+ mode: 0755
+ register: etc_rcd_rclocal_shutdown_created
+ when: etc_rcd_rclocal_shutdown.stat.isreg is not defined
+ tags: ['copy_rc_local_shutdown']
+
+ - name: "append - to {{ rc_local_shutdown }}"
+ ansible.builtin.blockinfile:
+ path: "{{ rc_local }}_shutdown"
+ backup: true
+ block: |
+ if [ -x /etc/rc.d/rc.fail2ban ]; then
+ /etc/rc.d/rc.fail2ban stop
+ fi
+ tags: ['append_to_etc_rcd_rclocal_shutdown']
+
+# - make sure to run 'updatedb' and 'sync' when we've finished all tasks !!!!
+
+# References
+#
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/blockinfile_module.html
+# https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_conditionals.html
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/fail_module.html
+# https://docs.ansible.com/ansible/latest/collections/ansible/builtin/stat_module.html
+
|
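Review bot: The `fail` guard on `{{ rc_local }}` tests `etc_rcd_rclocal.stat.isreg is not defined`, which holds only when the path is missing, so a directory or symlink there gets past it and the root-level `blockinfile` goes ahead; `when: not (etc_rcd_rclocal.stat.isreg | default(false))` states the intent. The same `is not defined` test gates the `copy` of `rc.local_shutdown`, so a non-regular file at that path skips the copy and still reaches the final `blockinfile`. That final task also builds its path as `"{{ rc_local }}_shutdown"` instead of `"{{ rc_local_shutdown }}"`, which agrees only by how the two vars happen to be spelled. Both inserted blocks make root execute `/etc/rc.d/rc.fail2ban` at boot and shutdown, so a check that the script is root-owned and not group- or world-writable would fit before the edits. `mode: 0755` is safer quoted as `mode: "0755"` so Ansible receives a string rather than a YAML-parsed integer.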
