Compare commits

...

3 commits

Author SHA1 Message Date
a2eeac6fe4 Fix missing dependency for fail2ban override files 2021-05-18 17:21:44 +01:00
6a3ba5a140 Fix shellcheck issues 2021-05-04 17:48:15 +01:00
b276bf8741 Types to install fail2ban
- Install fail2ban server and client
- Configure path overrides
- Enable and configure jails
2021-05-04 17:44:30 +01:00
10 changed files with 245 additions and 0 deletions

View file

@ -0,0 +1,24 @@
#!/bin/sh -e
#
# 2021 Daniel Fancsali (fancsali@gmail.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
if [ -f "$__object/parameter/path-override" ]; then
echo "fail2ban-client reload"
fi

View file

@ -0,0 +1,53 @@
cdist-type__fail2ban(7)
=======================
NAME
----
cdist-type__fail2ban - TODO
DESCRIPTION
-----------
This space intentionally left blank.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
None.
BOOLEAN PARAMETERS
------------------
None.
EXAMPLES
--------
.. code-block:: sh
# TODO
__fail2ban
SEE ALSO
--------
:strong:`TODO`\ (7)
AUTHORS
-------
Daniel Fancsali <fancsali@gmail.com>
COPYING
-------
Copyright \(C) 2021 Daniel Fancsali. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

View file

@ -0,0 +1,45 @@
#!/bin/sh -e
#
# 2021 Daniel Fancsali (fancsali@gmail.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
debian|ubuntu|devuan)
:
;;
*)
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
printf "Please contribute an implementation for it if you can.\n" >&2
exit 1
;;
esac
__package_apt fail2ban
export require="__package_apt/fail2ban"
if [ -f "$__object/parameter/path-override" ]; then
(
echo [DEFAULT]
cat "$__object/parameter/path-override"
) | __file /etc/fail2ban/paths-overrides.local --mode 644 --source -
fi

View file

@ -0,0 +1 @@
path-override

View file

View file

@ -0,0 +1,22 @@
#!/bin/sh -e
#
# 2021 Daniel Fancsali (fancsali@gmail.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
echo "fail2ban-client reload"

View file

@ -0,0 +1,53 @@
cdist-type__fail2ban_jail(7)
============================
NAME
----
cdist-type__fail2ban_jail - TODO
DESCRIPTION
-----------
This space intentionally left blank.
REQUIRED PARAMETERS
-------------------
None.
OPTIONAL PARAMETERS
-------------------
None.
BOOLEAN PARAMETERS
------------------
None.
EXAMPLES
--------
.. code-block:: sh
# TODO
__fail2ban_jail
SEE ALSO
--------
:strong:`TODO`\ (7)
AUTHORS
-------
Daniel Fancsali <fancsali@gmail.com>
COPYING
-------
Copyright \(C) 2021 Daniel Fancsali. You can redistribute it
and/or modify it under the terms of the GNU General Public License as
published by the Free Software Foundation, either version 3 of the
License, or (at your option) any later version.

View file

@ -0,0 +1,46 @@
#!/bin/sh -e
#
# 2021 Daniel Fancsali (fancsali@gmail.com)
#
# This file is part of cdist.
#
# cdist is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# cdist is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
#
os=$(cat "$__global/explorer/os")
case "$os" in
debian|ubuntu|devuan)
:
;;
*)
printf "Your operating system (%s) is currently not supported by this type (%s)\n" "$os" "${__type##*/}" >&2
printf "Please contribute an implementation for it if you can.\n" >&2
exit 1
;;
esac
export require="__fail2ban"
__file /etc/fail2ban/jail.local --mode 644
export require="__file/etc/fail2ban/jail.local"
(
echo "[$__object_id]"
echo "enabled = true"
if [ -f "$__object/parameter/override" ]; then
cat "$__object/parameter/override"
fi
) | __block "/etc/fail2ban/jail.local:$__object_id" --file /etc/fail2ban/jail.local --text -

View file

@ -0,0 +1 @@
override