diff options
Diffstat (limited to '')
| -rw-r--r-- | services/applications.cf | 1 | ||||
| -rw-r--r-- | services/applications/fail2ban.cf | 31 |
2 files changed, 32 insertions, 0 deletions
diff --git a/services/applications.cf b/services/applications.cf index 84b1938..944b990 100644 --- a/services/applications.cf +++ b/services/applications.cf @@ -3,6 +3,7 @@ body file control inputs => { "services/applications/bareos_fd.cf", "services/applications/check_mk.cf", + "services/applications/fail2ban.cf", "services/applications/fcgiwrap.cf", "services/applications/nagios.cf", "services/applications/nginx.cf", diff --git a/services/applications/fail2ban.cf b/services/applications/fail2ban.cf new file mode 100644 index 0000000..f2a5ff7 --- /dev/null +++ b/services/applications/fail2ban.cf @@ -0,0 +1,31 @@ +bundle agent fail2ban +{ + files: + linux:: + "/etc/fail2ban/." + create => "true", + perms => system_owned("755"), + classes => if_repaired("fail2ban_folder_repaired"); + "/etc/fail2ban/jail.local" + perms => system_owned("444"), + copy_from => local_cp("$(sys.inputdir)/templates/fail2ban/jail.local"), + classes => if_repaired("fail2ban_jail_local_repaired"); + methods: + centos:: + "any" usebundle => install_package("$(this.bundle)", "fail2ban-shorewall"); + debian|ubuntu:: + "any" usebundle => install_package("$(this.bundle)", "fail2ban"); + services: + linux:: + "fail2ban" + service_policy => "start", + classes => if_repaired("fail2ban_service_repaired"); + commands: + any:: + "/usr/sbin/service fail2ban restart" classes => if_repaired("fail2ban_service_repaired"), ifvarclass => "fail2ban_jail_local_repaired"; + reports: + any:: + "$(this.bundle): /etc/fail2ban folder repaired" ifvarclass => "fail2ban_folder_repaired"; + "$(this.bundle): jail.local repaired" ifvarclass => "fail2ban_jail_local_repaired"; + "$(this.bundle): fail2ban service repaired" ifvarclass => "fail2ban_service_repaired"; +} |