110 lines
2.9 KiB
YAML
110 lines
2.9 KiB
YAML
---
|
|
|
|
- name: test if fail2ban_loglevel is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_loglevel is defined
|
|
- fail2ban_loglevel is string
|
|
- fail2ban_loglevel in [ "CRITICAL", "ERROR", "WARNING", "NOTICE", "INFO", "DEBUG" ]
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_logtarget is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_logtarget is defined
|
|
- fail2ban_logtarget is string
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_ignoreself is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_ignoreself is defined
|
|
- fail2ban_ignoreself is string
|
|
- fail2ban_ignoreself in [ "false", "true" ]
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_ignoreips is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_ignoreips is defined
|
|
- fail2ban_ignoreips is string
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_bantime is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_bantime is defined
|
|
- fail2ban_bantime is number
|
|
- fail2ban_bantime >= -1 and fail2ban_bantime !=0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_findtime is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_findtime is defined
|
|
- fail2ban_findtime is number
|
|
- fail2ban_findtime > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_maxretry is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_maxretry is defined
|
|
- fail2ban_maxretry is number
|
|
- fail2ban_maxretry > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_destemail is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_destemail is defined
|
|
- fail2ban_destemail is string
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_sender is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_sender is defined
|
|
- fail2ban_sender is string
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_configuration is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- fail2ban_configuration is iterable
|
|
quiet: yes
|
|
when:
|
|
- fail2ban_configuration is defined
|
|
|
|
- name: test if item in fail2ban_configuration is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- item.option is defined
|
|
- item.option is string
|
|
- item.value is defined
|
|
- item.section is defined
|
|
- item.section is string
|
|
quiet: yes
|
|
loop: "{{ fail2ban_configuration }}"
|
|
loop_control:
|
|
label: "{{ item.option }}"
|
|
when:
|
|
- fail2ban_configuration is defined
|
|
- fail2ban_configuration is iterable
|
|
|
|
- name: test if fail2ban_jail_configuration is set correctly
|
|
ansible.builtin.assert:
|
|
that:
|
|
- item.option is defined
|
|
- item.option is string
|
|
- item.value is defined
|
|
- item.section is defined
|
|
- item.section is string
|
|
quiet: yes
|
|
loop: "{{ fail2ban_jail_configuration }}"
|
|
loop_control:
|
|
label: "{{ item.option }}"
|
|
when:
|
|
- fail2ban_jail_configuration is defined
|
|
- fail2ban_jail_configuration is iterable
|