diff options
Diffstat (limited to 'services/applications')
-rw-r--r-- | services/applications/fail2ban.cf | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/services/applications/fail2ban.cf b/services/applications/fail2ban.cf new file mode 100644 index 0000000..f2a5ff7 --- /dev/null +++ b/services/applications/fail2ban.cf @@ -0,0 +1,31 @@ +bundle agent fail2ban +{ + files: + linux:: + "/etc/fail2ban/." + create => "true", + perms => system_owned("755"), + classes => if_repaired("fail2ban_folder_repaired"); + "/etc/fail2ban/jail.local" + perms => system_owned("444"), + copy_from => local_cp("$(sys.inputdir)/templates/fail2ban/jail.local"), + classes => if_repaired("fail2ban_jail_local_repaired"); + methods: + centos:: + "any" usebundle => install_package("$(this.bundle)", "fail2ban-shorewall"); + debian|ubuntu:: + "any" usebundle => install_package("$(this.bundle)", "fail2ban"); + services: + linux:: + "fail2ban" + service_policy => "start", + classes => if_repaired("fail2ban_service_repaired"); + commands: + any:: + "/usr/sbin/service fail2ban restart" classes => if_repaired("fail2ban_service_repaired"), ifvarclass => "fail2ban_jail_local_repaired"; + reports: + any:: + "$(this.bundle): /etc/fail2ban folder repaired" ifvarclass => "fail2ban_folder_repaired"; + "$(this.bundle): jail.local repaired" ifvarclass => "fail2ban_jail_local_repaired"; + "$(this.bundle): fail2ban service repaired" ifvarclass => "fail2ban_service_repaired"; +} |