From 93e5a4eab5948e2003429f84fe087d9e0f2c0fdf Mon Sep 17 00:00:00 2001 From: Aine Date: Sat, 18 Mar 2023 22:47:41 +0200 Subject: [PATCH] activate ssh and fail2ban roles only when enabled --- setup.yml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/setup.yml b/setup.yml index 96d3257..4a7a26d 100644 --- a/setup.yml +++ b/setup.yml @@ -39,9 +39,11 @@ - role: galaxy/swap - - role: galaxy/ssh + - when: system_security_ssh_enabled | bool + role: galaxy/ssh - - role: galaxy/fail2ban + - when: system_security_fail2ban_enabled | bool + role: galaxy/fail2ban # This role exposes various tags (setup-postgres, setup-all, upgrade-postgres, import-postgres, etc.), so we don't tag it here. - role: galaxy/com.devture.ansible.role.postgres