113 lines
2.8 KiB
YAML
113 lines
2.8 KiB
YAML
---
|
|
- name: test if fail2ban_loglevel is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_loglevel is defined
|
|
- fail2ban_loglevel | length > 0
|
|
- fail2ban_loglevel in ["CRITICAL", "ERROR", "WARNING", "NOTICE", "INFO", "DEBUG"]
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_logtarget is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_logtarget is defined
|
|
- fail2ban_logtarget | length > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_ignoreself is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_ignoreself is defined
|
|
- fail2ban_ignoreself | length > 0
|
|
- fail2ban_ignoreself in ["false", "true"]
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_ignoreips is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_ignoreips is defined
|
|
- fail2ban_ignoreips | length > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_bantime is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_bantime is defined
|
|
- fail2ban_bantime | int
|
|
- fail2ban_bantime | int > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_findtime is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_findtime is defined
|
|
- fail2ban_findtime | int
|
|
- fail2ban_findtime | int > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_maxretry is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_maxretry is defined
|
|
- fail2ban_maxretry | int
|
|
- fail2ban_maxretry | int > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_destemail is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_destemail is defined
|
|
- fail2ban_destemail | length > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_sender is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_sender is defined
|
|
- fail2ban_sender | length > 0
|
|
quiet: yes
|
|
|
|
- name: test if fail2ban_configuration is set correctly
|
|
assert:
|
|
that:
|
|
- fail2ban_configuration is iterable
|
|
quiet: yes
|
|
when:
|
|
- fail2ban_configuration is defined
|
|
|
|
- name: test if item in fail2ban_configuration is set correctly
|
|
assert:
|
|
that:
|
|
- item.option is defined
|
|
- item.option | length > 0
|
|
- item.value is defined
|
|
- item.value | length > 0
|
|
- item.section is defined
|
|
- item.section | length > 0
|
|
quiet: yes
|
|
loop: "{{ fail2ban_configuration }}"
|
|
loop_control:
|
|
label: "{{ item.option }}"
|
|
when:
|
|
- fail2ban_configuration is defined
|
|
- fail2ban_configuration | length > 0
|
|
- fail2ban_configuration is iterable
|
|
|
|
- name: test if fail2ban_jail_configuration is set correctly
|
|
assert:
|
|
that:
|
|
- item.option is defined
|
|
- item.option | length > 0
|
|
- item.value is defined
|
|
- item.value | length > 0
|
|
- item.section is defined
|
|
- item.section | length > 0
|
|
quiet: yes
|
|
loop: "{{ fail2ban_jail_configuration }}"
|
|
loop_control:
|
|
label: "{{ item.option }}"
|
|
when:
|
|
- fail2ban_jail_configuration is defined
|
|
- fail2ban_jail_configuration | length > 0
|
|
- fail2ban_jail_configuration is iterable
|