From 07543e2a11d489890b52de98e817253ec3a934f8 Mon Sep 17 00:00:00 2001
From: Daniel Tomlinson <dtomlinson@panaetius.co.uk>
Date: Wed, 3 Mar 2021 18:06:48 +0000
Subject: [PATCH] updating variables files

---
 group_vars/all/fail2ban.yml |  6 ++++++
 group_vars/all/ufw.yml      | 10 ++++++++++
 2 files changed, 16 insertions(+)
 create mode 100644 group_vars/all/fail2ban.yml
 create mode 100644 group_vars/all/ufw.yml

diff --git a/group_vars/all/fail2ban.yml b/group_vars/all/fail2ban.yml
new file mode 100644
index 0000000..8466741
--- /dev/null
+++ b/group_vars/all/fail2ban.yml
@@ -0,0 +1,6 @@
+fail2ban_loglevel: INFO
+fail2ban_services:
+  - name: ssh
+    port: ssh
+    filter: sshd
+    logpath: /var/log/auth.log
diff --git a/group_vars/all/ufw.yml b/group_vars/all/ufw.yml
new file mode 100644
index 0000000..412e20a
--- /dev/null
+++ b/group_vars/all/ufw.yml
@@ -0,0 +1,10 @@
+# Local LAN IP-range addresses
+local_lan: "192.168.0.0/16"
+docker_overlay_ips: "172.0.0.0/8"
+
+# ufw rules
+# ufw_rules:
+#   - {rule: allow, port: 22, src: "{{local_lan}}", proto: tcp, direction: "in"}
+#   - {rule: allow, port: 22, src: "{{docker_overlay_ips}}", proto: tcp, direction: "in"}
+  # - {rule: allow, port: 80, src: "0.0.0.0/0", proto: tcp, direction: "in"}
+  # - {rule: allow, port: 443, src: "0.0.0.0/0", proto: tcp, direction: "in"}