jack/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/roles/base/tasks
History
jack 321e1c4daa
Some checks failed
CI/CD / syntax-check (push) Successful in 42s
Details
CI/CD / deploy (push) Failing after 46s
Details
feat: extend fail2ban with Forgejo SSH and Traefik HTTP jails 
- Add traefik-auth filter: ban IPs with 10+ HTTP 401/403 in 5 min
- Add forgejo-ssh jail: ban after 3 failed SSH attempts (24h ban)
- Both jails are active; forgejo-ssh already detected 8 real attempts
- Traefik access.log now written to /opt/services/traefik/logs/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 04:51:43 +07:00
..
firewall.yml feat: extend fail2ban with Forgejo SSH and Traefik HTTP jails 2026-03-22 04:51:43 +07:00
main.yml fix: allow Docker bridge networks through UFW for runner + add unattended-upgrades 2026-03-22 04:11:39 +07:00
packages.yml Initial commit 2026-03-20 19:39:26 +07:00
sshd.yml Initial commit 2026-03-20 19:39:26 +07:00
swap.yml feat: major infrastructure improvements 2026-03-22 03:28:16 +07:00
sysctl.yml feat: Cloudflare DNS-01 ACME + Docker hardening + sysctl 2026-03-22 04:06:46 +07:00
unattended_upgrades.yml fix: allow Docker bridge networks through UFW for runner + add unattended-upgrades 2026-03-22 04:11:39 +07:00
users.yml Add Forgejo Actions CI/CD with act_runner 2026-03-21 21:28:15 +07:00