infrastructure/roles/fail2ban/templates/fail2ban.local.j2 at be6c4f80143a56f41cc0bade0f63979dd9ea8dd0 - saibotk-de/infrastructure - Forgejo: Beyond coding. We forge.

saibotk-de/infrastructure

histalek d822f8544d

fail2ban: Harden service

This hardens the fail2ban service by giving it only the capabilities and
read/write access it needs.

This is done in accordance to the Arch Wiki article [1] where further
information about the needed capabilities and read/write paths can be
found.

[1] https://wiki.archlinux.org/title/Fail2ban#Service_hardening

2021-12-05 14:22:51 +01:00

4 lines

89 B

Django/Jinja

Raw Blame History

 {{ ansible_managed | comment }}
 [Definition]
 logtarget = /var/log/fail2ban/fail2ban.log