diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7c00f3c..5e5c0cf 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,9 @@ jobs: python-version: '3.x' - name: Install test dependencies - run: pip install ansible-lint[community,yamllint] + run: | + pip install ansible-lint + ansible-galaxy install -r requirements.yml - name: Lint code run: | @@ -43,11 +45,8 @@ jobs: matrix: include: - distro: debian8 - ansible-version: '<2.10' - distro: debian9 - distro: debian10 - - distro: ubuntu1604 - ansible-version: '>=2.9, <2.10' - distro: ubuntu1604 ansible-version: '>=2.10, <2.11' - distro: ubuntu1604 diff --git a/Dockerfile b/Dockerfile index b179278..6ebe0c4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,20 @@ -FROM ubuntu:16.04 +FROM ubuntu:18.04 MAINTAINER Mischa ter Smitten +ENV LANG C.UTF-8 +ENV LC_ALL C.UTF-8 + # python RUN apt-get update && \ - DEBIAN_FRONTEND=noninteractive apt-get install -y python-minimal python-dev curl && \ + DEBIAN_FRONTEND=noninteractive apt-get install -y python3-minimal python3-dev curl && \ apt-get clean -RUN curl -sL https://bootstrap.pypa.io/pip/2.7/get-pip.py | python - +RUN curl -sL https://bootstrap.pypa.io/pip/3.6/get-pip.py | python3 - RUN rm -rf $HOME/.cache # ansible -RUN DEBIAN_FRONTEND=noninteractive apt-get install -y gcc libffi-dev libssl-dev && \ +RUN DEBIAN_FRONTEND=noninteractive apt-get install -y python3-apt && \ apt-get clean -RUN pip install ansible==2.9.15 +RUN pip3 install ansible==2.10.7 RUN rm -rf $HOME/.cache # provision diff --git a/handlers/main.yml b/handlers/main.yml index 6d684f7..b7ccbf3 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -1,7 +1,7 @@ # handlers file --- - name: restart fail2ban - service: + ansible.builtin.service: name: fail2ban state: restarted when: service_default_state | default('started') == 'started' diff --git a/meta/main.yml b/meta/main.yml index 26143f1..4869a24 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,13 +1,12 @@ # meta file --- galaxy_info: - namespace: oefenweb + author: oefenweb role_name: fail2ban - author: Mischa ter Smitten company: Oefenweb.nl B.V. description: Set up fail2ban in Debian-like systems license: MIT - min_ansible_version: 2.9.0 + min_ansible_version: 2.10.0 platforms: - name: Ubuntu versions: diff --git a/molecule/default/collections.yml b/molecule/default/collections.yml new file mode 100644 index 0000000..c3d7e2a --- /dev/null +++ b/molecule/default/collections.yml @@ -0,0 +1,6 @@ +--- +collections: + - name: community.docker + version: '>=1.2.0,<2' + - name: community.general + version: '>=2,<3' diff --git a/requirements.yml b/requirements.yml new file mode 100644 index 0000000..3d5f1cd --- /dev/null +++ b/requirements.yml @@ -0,0 +1,3 @@ +# requirements file +--- +collections: [] diff --git a/tasks/main.yml b/tasks/main.yml index be3baf9..fa07196 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,7 +1,7 @@ # tasks file --- - name: install - apt: + ansible.builtin.apt: name: "{{ fail2ban_dependencies }}" state: "{{ apt_install_state | default('latest') }}" update_cache: true @@ -12,7 +12,7 @@ - fail2ban-install - name: get fail2ban version - command: > + ansible.builtin.command: > fail2ban-server -V changed_when: false register: _fail2ban_version_raw @@ -22,7 +22,7 @@ - fail2ban-install - name: register fail2ban version - set_fact: + ansible.builtin.set_fact: fail2ban_version: "{{ _fail2ban_version_raw.stdout | regex_search('([0-9]+\\.[0-9]+\\.[0-9]+)') }}" changed_when: false tags: @@ -31,7 +31,7 @@ - fail2ban-install - name: remove configuration file - /etc/fail2ban/jail.d/defaults-debian.conf - file: + ansible.builtin.file: state: absent path: /etc/fail2ban/jail.d/defaults-debian.conf notify: restart fail2ban @@ -42,7 +42,7 @@ - fail2ban-configuration-delete - name: update configuration file - /etc/fail2ban/fail2ban.local - template: + ansible.builtin.template: src: etc/fail2ban/fail2ban.local.j2 dest: /etc/fail2ban/fail2ban.local owner: root @@ -56,7 +56,7 @@ - fail2ban-configuration-update - name: update configuration file - /etc/fail2ban/jail.local - template: + ansible.builtin.template: src: etc/fail2ban/jail.local.j2 dest: /etc/fail2ban/jail.local owner: root @@ -70,7 +70,7 @@ - fail2ban-configuration-update - name: copy filters - copy: + ansible.builtin.copy: src: "{{ fail2ban_filterd_path }}" dest: /etc/fail2ban/filter.d/ owner: root @@ -84,7 +84,7 @@ - fail2ban-filters - name: copy actions - copy: + ansible.builtin.copy: src: "{{ fail2ban_actiond_path }}" dest: /etc/fail2ban/action.d/ owner: root @@ -98,7 +98,7 @@ - fail2ban-actions - name: copy jails - copy: + ansible.builtin.copy: src: "{{ fail2ban_jaild_path }}" dest: /etc/fail2ban/jail.d/ owner: root @@ -112,7 +112,7 @@ - fail2ban-jails - name: start and enable service - service: + ansible.builtin.service: name: fail2ban state: "{{ service_default_state | default('started') }}" enabled: "{{ service_default_enabled | default(true) | bool }}"