diff options
Diffstat (limited to 'modules/fail2ban')
| -rw-r--r-- | modules/fail2ban/files/jail.local | 10 | ||||
| -rw-r--r-- | modules/fail2ban/manifests/init.pp | 21 |
2 files changed, 31 insertions, 0 deletions
diff --git a/modules/fail2ban/files/jail.local b/modules/fail2ban/files/jail.local new file mode 100644 index 0000000..00329d7 --- /dev/null +++ b/modules/fail2ban/files/jail.local @@ -0,0 +1,10 @@ +[DEFAULT] +bantime = 1d + +[sshd] +enabled = true +ignoreip = 10.19.49.0/24 + +[nginx-botsearch] +enabled = true +logpath = /var/log/nginx/*.log diff --git a/modules/fail2ban/manifests/init.pp b/modules/fail2ban/manifests/init.pp new file mode 100644 index 0000000..5ca6483 --- /dev/null +++ b/modules/fail2ban/manifests/init.pp @@ -0,0 +1,21 @@ +class fail2ban { + package { "fail2ban": + ensure => installed; + } + + file { + "/etc/fail2ban/jail.local": + source => "puppet:///modules/fail2ban/jail.local", + notify => Service["fail2ban"], + require => Package["fail2ban"]; + } + + service { "fail2ban": + ensure => running, + enable => true, + require => [ + File["/etc/fail2ban/jail.local"], + Package["fail2ban"], + ]; + } +} |