---
playbooks/denyhosts.yml | 45 +++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 playbooks/denyhosts.yml
diff --git a/playbooks/denyhosts.yml b/playbooks/denyhosts.yml
new file mode 100644
index 0000000..acd80e7
--- /dev/null
+++ b/playbooks/denyhosts.yml
@@ -0,0 +1,45 @@
+# requires --extra-vars="target=somevhost ip=10.0.0.1 test={True,False}"
+
+#General overview:
+# host provided via ``target`` argument on the CLI
+# IP provided via ``ip`` argument on the CLI
+# test provided via ``test`` argument on the CLI
+
+# Log onto $target
+# if test is True:
+# grep on /etc/hosts.deny for the provided $ip
+# else:
+# escape the '.' in the $ip
+# remove $ip from /var/lib/denyhosts/*
+# remove $ip from /etc/hosts.deny
+# restart denyhosts
+
+# sop: http://infrastructure.fedoraproject.org/infra/docs/denyhosts.txt
+
+- name: Unban an IP from denyhosts
+ hosts: $target
+ user: root
+ gather_facts: False
+
+ tasks:
+ - name: Grep for the IP in the files
+ action: command grep $ip /etc/hosts.deny
+ only_if: '$test or not is_set($test)'
+
+ - name: Escape the '.' in the IP
+ action: command ${$ip//\./\\.}
+ register: ip
+ only_if: '$test or not is_set($test)'
+
+ - name: Remove IP from /var/lib/denyhosts/*
+ action: command sed -si "/^$ip$/d" /var/lib/denyhosts/*
+ notify:
+ - restart denyhosts
+ only_if: 'is_set($test) and $test == False'
+
+ - name: Remove IP from /etc/hosts.deny
+ action: command sed -si "/^$ip$/d" /etc/hosts.deny
+ notify:
+ - restart denyhosts
+ only_if: 'is_set($test) and $test == False'
+
--
1.8.3.1
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
