mirror of
https://gitlab.archlinux.org/archlinux/infrastructure.git
synced 2025-01-18 08:06:16 +01:00
17e8ab15fe
group_vars/all was enabling just the sshd jail so move this into the fail2ban role defaults. patchwork, security and wiki were redefining fail2ban_jails without deviating from the group_vars/all default and can therefore be dropped.
16 lines
512 B
YAML
16 lines
512 B
YAML
# by default only the sshd jail is enabled
|
|
# override this variable in a host/group file to enable additional jails
|
|
fail2ban_jails:
|
|
sshd: true
|
|
postfix: false
|
|
dovecot: false
|
|
nginx_limit_req: false
|
|
|
|
# use variables for these directives so they can be overridden at a host or
|
|
# group level as required. note that there cannot be a space between the
|
|
# integer and the unit (eg "15min" == good, "15 min" == bad).
|
|
# refer to `man jail.conf`
|
|
fail2ban_findtime: 15min
|
|
fail2ban_bantime: 1day
|
|
fail2ban_maxretry: 5
|