From 401b44b5f4424d02ab84fb392844f7b5c8640bf7 Mon Sep 17 00:00:00 2001 From: Jonathan Piron <> Date: Sun, 23 Feb 2020 15:44:03 +0100 Subject: [PATCH] Move custom configurations management to dedicated tasks list This allows to use the `tasks_from` parameter of the `import_role` module. For instance, one could run something like : ``` - name: "Create Traefik fail2ban configuration." import_role: name: ansible-fail2ban tasks_from: copy_custom_configurations become: True vars: fail2ban_filterd_path: "{{ traefik_fail2ban_filterd_path }}" fail2ban_actiond_path: "{{ traefik_fail2ban_actiond_path }}" fail2ban_jaild_path: "{{ traefik_fail2ban_jaild_path }}" ``` from a Traefik playbook to just add Traefik specific Fail2ban configuration without reconfiguring everything. --- tasks/copy_actions.yml | 12 ++++++++ tasks/copy_custom_configurations.yml | 11 +++++++ tasks/copy_filters.yml | 12 ++++++++ tasks/copy_jails.yml | 12 ++++++++ tasks/main.yml | 43 ++-------------------------- 5 files changed, 49 insertions(+), 41 deletions(-) create mode 100644 tasks/copy_actions.yml create mode 100644 tasks/copy_custom_configurations.yml create mode 100644 tasks/copy_filters.yml create mode 100644 tasks/copy_jails.yml diff --git a/tasks/copy_actions.yml b/tasks/copy_actions.yml new file mode 100644 index 0000000..720a662 --- /dev/null +++ b/tasks/copy_actions.yml @@ -0,0 +1,12 @@ +- name: copy actions + copy: + src: "{{ fail2ban_actiond_path }}" + dest: /etc/fail2ban/action.d/ + owner: root + group: root + mode: 0644 + notify: restart fail2ban + tags: + - configuration + - fail2ban + - fail2ban-actions diff --git a/tasks/copy_custom_configurations.yml b/tasks/copy_custom_configurations.yml new file mode 100644 index 0000000..b4ab561 --- /dev/null +++ b/tasks/copy_custom_configurations.yml @@ -0,0 +1,11 @@ +- name: copy filters + import_tasks: copy_filters.yml + when: fail2ban_filterd_path is defined + +- name: copy actions + import_tasks: copy_actions.yml + when: fail2ban_actiond_path is defined + +- name: copy jails + import_tasks: copy_jails.yml + when: fail2ban_jaild_path is defined diff --git a/tasks/copy_filters.yml b/tasks/copy_filters.yml new file mode 100644 index 0000000..c00f812 --- /dev/null +++ b/tasks/copy_filters.yml @@ -0,0 +1,12 @@ +- name: copy filters + copy: + src: "{{ fail2ban_filterd_path }}" + dest: /etc/fail2ban/filter.d/ + owner: root + group: root + mode: 0644 + notify: restart fail2ban + tags: + - configuration + - fail2ban + - fail2ban-filters diff --git a/tasks/copy_jails.yml b/tasks/copy_jails.yml new file mode 100644 index 0000000..1644e5b --- /dev/null +++ b/tasks/copy_jails.yml @@ -0,0 +1,12 @@ +- name: copy jails + copy: + src: "{{ fail2ban_jaild_path }}" + dest: /etc/fail2ban/jail.d/ + owner: root + group: root + mode: 0644 + notify: restart fail2ban + tags: + - configuration + - fail2ban + - fail2ban-jails diff --git a/tasks/main.yml b/tasks/main.yml index 839de4c..a7a2f18 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -50,47 +50,8 @@ - fail2ban-configuration - fail2ban-configuration-update -- name: copy filters - copy: - src: "{{ fail2ban_filterd_path }}" - dest: /etc/fail2ban/filter.d/ - owner: root - group: root - mode: 0644 - when: fail2ban_filterd_path is defined - notify: restart fail2ban - tags: - - configuration - - fail2ban - - fail2ban-filters - -- name: copy actions - copy: - src: "{{ fail2ban_actiond_path }}" - dest: /etc/fail2ban/action.d/ - owner: root - group: root - mode: 0644 - when: fail2ban_actiond_path is defined - notify: restart fail2ban - tags: - - configuration - - fail2ban - - fail2ban-actions - -- name: copy jails - copy: - src: "{{ fail2ban_jaild_path }}" - dest: /etc/fail2ban/jail.d/ - owner: root - group: root - mode: 0644 - when: fail2ban_jaild_path is defined - notify: restart fail2ban - tags: - - configuration - - fail2ban - - fail2ban-jails +- name: copy custom configurations + import_tasks: copy_custom_configurations.yml - name: start and enable service service: