So it’s PEN testing time and the tester has had his IP banned by fail2ban (personally I think this should be an automatic pass for my Trellis server and we can all move on with our lives but alas).
What is the correct way to do this?
Do I need to append the ip to ip_whitelist in trellis/group_vars/all/main.yml? If so I am still a little unsure about the syntax
composer_keep_updated: true
composer_global_packages:
- { name: hirak/prestissimo }
apt_cache_valid_time: 3600
apt_package_state: present
apt_security_package_state: latest
apt_dev_package_state: latest
ntp_timezone: Etc/UTC
ntp_manage_config: true
www_root: /srv/www
ip_whitelist:
- "{{ (env == 'development') | ternary(ansible_default_ipv4.gateway, ipify_public_ip | default('')) }}"