RekomenciBackend/infrastructure/iac/ansible/roles/security/tasks/main.yaml
ITQ 44df678c82 chore: added iac
Signed-off-by: ITQ <itq.dev@ya.ru>
2025-11-21 18:49:30 +03:00


---
# Install the apt packages listed in `system_packages.security`.
# That variable is defined outside this file.
- name: Install security packages
  tags:
    - security
  ansible.builtin.apt:
    # Refresh the package index so the install resolves against current
    # repository metadata.
    update_cache: true
    # `present` installs missing packages but does not upgrade ones that
    # are already installed; patching has to be handled elsewhere.
    state: present
    name: "{{ system_packages.security }}"
# Ensure the nftables package (the `nft` binary and its service unit) is
# installed before the ruleset is rendered and validated.
- name: Install nftables
  tags:
    - security
    - nftables
  ansible.builtin.apt:
    update_cache: true
    state: present
    name:
      - nftables
# Deploy the firewall ruleset from the role template to /etc/nftables.conf
# and notify the `Reload nftables` handler when the file changes.
# The handler is defined outside this file.
- name: Render nftables configuration
  tags:
    - security
    - nftables
  notify: Reload nftables
  ansible.builtin.template:
    dest: /etc/nftables.conf
    src: nftables.conf.j2
    group: root
    owner: root
    # NOTE(review): 0644 lets every local account read the firewall policy.
    # nft loads the file as root, so a tighter mode may be enough; confirm
    # before changing.
    mode: '0644'
    # `nft -c` parses the rendered file in check mode, so a ruleset with
    # syntax errors never replaces the live one. It does not prove that the
    # rules still allow management access (e.g. SSH); review the template
    # for that.
    validate: 'nft -c -f %s'
# Keep the nftables unit running now and enabled at boot, so the ruleset
# is applied again after a restart.
# Presumably the unit loads /etc/nftables.conf; verify against the
# distribution's unit file.
- name: Enable and start nftables
  tags:
    - security
    - nftables
  ansible.builtin.systemd:
    enabled: true
    state: started
    name: nftables
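# Pull in the third-party `geerlingguy.security` role.
# NOTE(review): as published, that role manages more than fail2ban (it also
# touches sshd settings and automatic updates). Review its defaults and pin
# the role version in requirements before relying on it.
- name: Install and configure fail2ban
  # Use the fully qualified module name, like every other task in this file.
  ansible.builtin.include_role:
    name: geerlingguy.security
    # include_role is dynamic: a tag on this task selects only the include
    # itself. Without `apply`, `--tags security` includes the role but skips
    # its tasks, so the hardening is silently not applied.
    apply:
      tags:
        - security
  tags:
    - security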