Roots Discourse

How to correctly add ip to ferm whitelist

So it’s PEN testing time and the tester has had his IP banned by fail2ban (personally I think this should be an automatic pass for my Trellis server and we can all move on with our lives but alas).

What is the correct way to do this?

Do I need to append the ip to ip_whitelist in trellis/group_vars/all/main.yml? If so I am still a little unsure about the syntax

composer_keep_updated: true
composer_global_packages:
- { name: hirak/prestissimo }
apt_cache_valid_time: 3600
apt_package_state: present
apt_security_package_state: latest
apt_dev_package_state: latest
ntp_timezone: Etc/UTC
ntp_manage_config: true
www_root: /srv/www

ip_whitelist:
- "{{ (env == 'development') | ternary(ansible_default_ipv4.gateway, ipify_public_ip | default('')) }}"
ip_whitelist:
- "{{ (env == 'development') | ternary(ansible_default_ipv4.gateway, ipify_public_ip | default('')) }}"
- "1.1.1.1"

You add a new item to the array like that ^

1 Like

Thank you very much sir