roles/common: use FQCN in handler

roles/common: update default fail2ban ignores
roles/common: json spacing
2025-09-21 17:09:45 +03:00 · 2025-09-21 17:06:48 +03:00 · 2025-09-21 17:06:01 +03:00
3 changed files with 3 additions and 3 deletions
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
@@ -8,7 +8,7 @@ fail2ban_maxretry: 6
 fail2ban_findtime: 3600
 # 2 weeks in seconds
 fail2ban_bantime: 1209600
-fail2ban_ignoreip: 127.0.0.1/8 172.26.0.0/16 192.168.5.0/24
+fail2ban_ignoreip: 127.0.0.1/8

 # Disable SSH passwords. Must use SSH keys. This is OK because we add the keys
 # before re-configuring the SSH daemon to disable passwords.
--- a/roles/common/handlers/main.yml
+++ b/roles/common/handlers/main.yml
@@ -7,7 +7,7 @@
    state: reloaded

 - name: reload sysctl
-  command: sysctl -p /etc/sysctl.conf
+  ansible.builtin.command: sysctl -p /etc/sysctl.conf

 - name: reload systemd
  ansible.builtin.systemd:
--- a/roles/common/tasks/ssh-keys.yml
+++ b/roles/common/tasks/ssh-keys.yml
@@ -5,7 +5,7 @@
    state: absent

 - name: Add public keys to authorized_keys
-  ansible.posix.authorized_key: { user: "{{ provisioning_user.name }}", key: "{{ lookup('file',item) }}" }
+  ansible.posix.authorized_key: { user: "{{ provisioning_user.name }}", key: "{{ lookup('file', item) }}" }
  with_fileglob:
    # use descriptive names for keys, like: aorth-mzito-rsa.pub
    - ssh-pub-keys/*.pub
Author	SHA1	Message	Date
Alan Orth	d4d326c2f7	roles/common: use FQCN in handler	2025-09-21 17:09:45 +03:00
Alan Orth	1d4a6f208b	roles/common: update default fail2ban ignores	2025-09-21 17:06:48 +03:00
Alan Orth	8b22076d4a	roles/common: json spacing	2025-09-21 17:06:01 +03:00