[PATCH] Add playbook to remove someone from denyhosts

Pierre-Yves Chibon pingou at pingoured.fr
Tue Jul 30 10:37:24 UTC 2013


---
 playbooks/denyhosts.yml | 45 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 playbooks/denyhosts.yml

diff --git a/playbooks/denyhosts.yml b/playbooks/denyhosts.yml
new file mode 100644
index 0000000..acd80e7
--- /dev/null
+++ b/playbooks/denyhosts.yml
@@ -0,0 +1,45 @@
+# requires --extra-vars="target=somevhost ip=10.0.0.1 test={True,False}"
+
+#General overview:
+# host provided via ``target`` argument on the CLI
+# IP provided via ``ip`` argument on the CLI
+# test provided via ``test`` argument on the CLI
+
+# Log onto $target
+# if test is True:
+#   grep on /etc/hosts.deny for the provided $ip
+# else:
+#   escape the '.' in the $ip
+#   remove $ip from /var/lib/denyhosts/*
+#   remove $ip from /etc/hosts.deny
+#   restart denyhosts
+
+# sop: http://infrastructure.fedoraproject.org/infra/docs/denyhosts.txt
+
+- name: Unban an IP from denyhosts
+  hosts: $target
+  user: root
+  gather_facts: False
+
+  tasks:
+  - name: Grep for the IP in the files
+    action: command grep $ip /etc/hosts.deny
+    only_if: '$test or not is_set($test)'
+
+  - name: Escape the '.' in the IP
+    action: command ${$ip//\./\\.}
+    register: ip
+    only_if: '$test or not is_set($test)'
+
+  - name: Remove IP from /var/lib/denyhosts/*
+    action: command sed -si "/^$ip$/d" /var/lib/denyhosts/*
+    notify:
+    - restart denyhosts
+    only_if: 'is_set($test) and $test == False'
+
+  - name: Remove IP from /etc/hosts.deny
+    action: command sed -si "/^$ip$/d" /etc/hosts.deny
+    notify:
+    - restart denyhosts
+    only_if: 'is_set($test) and $test == False'
+
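Review bot: The `Escape the '.' in the IP` task cannot feed the two `sed` tasks: it is gated on `only_if: '$test or not is_set($test)'`, the opposite branch from the removals and from what the header comment describes, and the `command` module does not invoke a shell, so the bash-style `${$ip//\./\\.}` is never expanded. As a result `$ip` reaches `sed` as root unescaped and unvalidated, where each `.` matches any character and a value containing `/` or `;` would change the sed script itself rather than just the pattern. For the same reason the `*` in `/var/lib/denyhosts/*` is passed to `sed` literally instead of being globbed. I would replace the escape task with a first task that fails unless `ip` is a plain dotted-quad address, and run the removals through `action: shell` (needed for the glob) with the dots escaped there, keeping `only_if: 'is_set($test) and $test == False'`. It is also worth confirming that the anchored `^$ip$` matches real entries in `/etc/hosts.deny`, since lines there normally carry a service prefix before the address.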
-- 
1.8.3.1


