WarlockFish/fedora-infra_ansible
1
0
Fork 0
mirror of https://pagure.io/fedora-infra/ansible.git synced 2026-03-20 03:57:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: WarlockFish:03865d03b3167d807717955987055e70020d227e
Branches Tags
WarlockFish:main WarlockFish:letsencrypt WarlockFish:rawhide-greenwave WarlockFish:openqa WarlockFish:secarch WarlockFish:darkserver WarlockFish:openvpn_handler WarlockFish:easyfix WarlockFish:denyhosts
...
compare: WarlockFish:denyhosts
Branches Tags
WarlockFish:main WarlockFish:letsencrypt WarlockFish:rawhide-greenwave WarlockFish:openqa WarlockFish:secarch WarlockFish:darkserver WarlockFish:openvpn_handler WarlockFish:easyfix WarlockFish:denyhosts

4 Commits
03865d03b3 ... denyhosts

Author SHA1 Message Date
Pierre-Yves Chibon
d8f01f8b08 Fix escaping the '.' in the IPs using jinja2 directly and fix when to run what 2014-02-11 13:39:38 +00:00
Pierre-Yves Chibon
f458aec69e Update the denyhosts plugin to a newer syntax and bug fix it 2014-02-11 14:30:24 +01:00
Toshio くらとみ
755e5e81ae Move some things common to all staging hosts into the staging group_vars 2013-08-19 21:43:15 +00:00
Pierre-Yves Chibon
c6cbf75e92 Add playbook to remove someone from denyhosts 2013-07-30 12:36:30 +02:00
4 changed files with 53 additions and 12 deletions
Expand all files Collapse all files

6
inventory/group_vars/staging
View File

@@ -1,3 +1,9 @@
--- ---
freezes: false freezes: false
env: staging env: staging
nm: 255.255.255.0
gw: 10.5.126.254
dns: 10.5.126.21
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
datacenter: phx2

6
inventory/host_vars/badges-backend01.stg.phx2.fedoraproject.org
View File

@@ -1,10 +1,4 @@
--- ---
nm: 255.255.255.0
gw: 10.5.126.254
dns: 10.5.126.21
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
volgroup: /dev/vg_guests volgroup: /dev/vg_guests
eth0_ip: 10.5.126.68 eth0_ip: 10.5.126.68
vmhost: virthost12.phx2.fedoraproject.org vmhost: virthost12.phx2.fedoraproject.org
datacenter: phx2

6
inventory/host_vars/badges-web01.stg.phx2.fedoraproject.org
View File

@@ -1,10 +1,4 @@
--- ---
nm: 255.255.255.0
gw: 10.5.126.254
dns: 10.5.126.21
ks_url: http://10.5.126.23/repo/rhel/ks/kvm-rhel-6
ks_repo: http://10.5.126.23/repo/rhel/RHEL6-x86_64/
volgroup: /dev/vg_guests volgroup: /dev/vg_guests
eth0_ip: 10.5.126.69 eth0_ip: 10.5.126.69
vmhost: virthost12.phx2.fedoraproject.org vmhost: virthost12.phx2.fedoraproject.org
datacenter: phx2

47
playbooks/denyhosts.yml Normal file
View File

@@ -0,0 +1,47 @@
# requires --extra-vars="target=somevhost ip=10.0.0.1 test={True,False}"
# General overview:
# host provided via ``target`` argument on the CLI
# IP provided via ``ip`` argument on the CLI
# test provided via ``test`` argument on the CLI
# Command:
# ansible-playbook .../playbook/denyhosts.yml --extra-vars="target=host ip=10.0.0.1 test=True"
# Log onto $target
# if test is True:
# grep on /etc/hosts.deny for the provided {{ ip }}
# else:
# escape the '.' in the {{ ip }}
# remove {{ ip }} from /var/lib/denyhosts/*
# remove {{ ip }} from /etc/hosts.deny
# restart denyhosts
# sop: http://infrastructure.fedoraproject.org/infra/docs/denyhosts.txt
- name: Unban an IP from denyhosts
hosts: "{{ target }}"
user: root
gather_facts: False
vars:
- test: True
- ip: "{{ ip |replace('.', '\\.') }}"
tasks:
- name: Grep for the IP in the files
action: command grep {{ ip }} /etc/hosts.deny
when: test
- name: Remove IP from /var/lib/denyhosts/*
action: command sed -si "/^{{ ip }}$/d" /var/lib/denyhosts/*
notify:
- restart denyhosts
when: not test
- name: Remove IP from /etc/hosts.deny
action: command sed -si "/^{{ ip }}$/d" /etc/hosts.deny
notify:
- restart denyhosts
when: not test