summaryrefslogtreecommitdiffstats
path: root/modules/tick
diff options
context:
space:
mode:
Diffstat (limited to 'modules/tick')
-rw-r--r--modules/tick/files/plugins/fail2ban.sudoers3
-rw-r--r--modules/tick/manifests/client/plugin/fail2ban.pp12
2 files changed, 15 insertions, 0 deletions
diff --git a/modules/tick/files/plugins/fail2ban.sudoers b/modules/tick/files/plugins/fail2ban.sudoers
new file mode 100644
index 0000000..c172266
--- /dev/null
+++ b/modules/tick/files/plugins/fail2ban.sudoers
@@ -0,0 +1,3 @@
+Cmnd_Alias FAIL2BAN = /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status *
+telegraf ALL=(root) NOEXEC: NOPASSWD: FAIL2BAN
+Defaults!FAIL2BAN !logfile, !syslog, !pam_session
diff --git a/modules/tick/manifests/client/plugin/fail2ban.pp b/modules/tick/manifests/client/plugin/fail2ban.pp
new file mode 100644
index 0000000..f41e9b1
--- /dev/null
+++ b/modules/tick/manifests/client/plugin/fail2ban.pp
@@ -0,0 +1,12 @@
+class tick::client::plugin::fail2ban {
+ tick::client::plugin { "fail2ban":
+ opts => {
+ use_sudo => true,
+ }
+ }
+
+ file { "/etc/sudoers.d/telegraf-fail2ban":
+ source => 'puppet:///modules/tick/plugins/fail2ban.sudoers',
+ require => Package['sudo'];
+ }
+}
generated by cgit v1.2.3-54-g00ecf (git 2.45.1) at 2024-06-03 11:06:45 +0000