36 lines
1.1 KiB
Plaintext
36 lines
1.1 KiB
Plaintext
|
Define firewalld service for fail2ban exporter:
|
||
|
|
firewalld.service:
|
||
|
|
- name: fail2ban_exporter
|
||
|
|
- ports:
|
||
|
|
- 9191/tcp
|
||
|
|
|
||
|
|
Addinge fail2ban exporter fw service:
|
||
|
|
firewalld.present:
|
||
|
|
- name: public
|
||
|
|
- services:
|
||
|
|
- fail2ban_exporter
|
||
|
|
|
||
|
|
create fail2ban-exporter container:
|
||
|
|
cmd.run:
|
||
|
|
- name: podman container create --name fail2ban-exporter -v /var/run/fail2ban:/var/run/fail2ban:ro -p 9191:9191 registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
|
||
|
|
- unless: podman container exists fail2ban-exporter
|
||
|
|
|
||
|
|
create fail2ban-exporter container unit file:
|
||
|
|
cmd.run:
|
||
|
|
- name: podman generate systemd --name fail2ban-exporter > /etc/systemd/system/fail2ban-exporter.service
|
||
|
|
- onchanges:
|
||
|
|
- cmd: create fail2ban-exporter container
|
||
|
|
|
||
|
|
run daemon reload for fail2ban-exporter container unit file:
|
||
|
|
cmd.run:
|
||
|
|
- name: systemctl daemon-reload
|
||
|
|
- onchanges:
|
||
|
|
- cmd: create fail2ban-exporter container unit file
|
||
|
|
|
||
|
|
start fail2ban-exporter container:
|
||
|
|
service.running:
|
||
|
|
- name: fail2ban-exporter
|
||
|
|
- enable: true
|
||
|
|
- watch:
|
||
|
|
- cmd: create fail2ban-exporter container unit file
|