Merge pull request #8 from Oefenweb/add-apache-wordpress-logins-filter

Make it possible to add custom filters
Oefenweb · Jun 19, 2015 · 735cb2a · 735cb2a
2 parents fadf48c + 137d191
commit 735cb2a
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -28,6 +28,8 @@ None
 - `fail2ban_chain`: [default: `INPUT`]: Specifies the chain where jumps would need to be added in iptables-* actions
 - `fail2ban_action`: [default: `action_`]: Default action
 
+- `fail2ban_filterd_path`: [optional]: Path to directory containing filters to copy (**note the trailing slash**)
+
 For each of the services you wish to protect/put a jail or ban up for, you need to add it to the `fail2ban_services` list of hashes:
 
 ```yaml
@@ -47,13 +49,34 @@ fail2ban_services:
 
 None
 
-#### Example
+#### Example(s)
+
+##### Simple configuration
+
+```yaml
+---
+- hosts: all
+  roles:
+    - fail2ban
+```
+
+##### Add custom filters (from outside the role)
 
 ```yaml
 ---
 - hosts: all
   roles:
-  - fail2ban
+    - fail2ban
+  vars:
+    fail2ban_filterd_path: ../../../files/fail2ban/etc/fail2ban/filter.d/
+    fail2ban_services:
+      - name: apache-wordpress-logins
+        enabled: true
+        port: http,https
+        filter: apache-wordpress-logins
+        logpath: /var/log/apache2/access.log
+        maxretry: 5
+        findtime: 120
 ```
 
 #### License

diff --git a/tasks/main.yml b/tasks/main.yml
@@ -26,6 +26,17 @@
   notify: restart fail2ban
   tags: [configuration, fail2ban, fail2ban-configuration]
 
+- name: copy filters
+  copy:
+    src: "{{ fail2ban_filterd_path }}"
+    dest: /etc/fail2ban/filter.d/
+    owner: root
+    group: root
+    mode: 0644
+  when: fail2ban_filterd_path is defined
+  notify: restart fail2ban
+  tags: [configuration, fail2ban, fail2ban-filters]
+
 - name: start and enable service
   service:
     name: fail2ban