diff options
Diffstat (limited to 'modules/tick')
-rw-r--r-- | modules/tick/files/plugins/fail2ban.sudoers | 3 | ||||
-rw-r--r-- | modules/tick/manifests/client/plugin/fail2ban.pp | 12 |
2 files changed, 15 insertions, 0 deletions
diff --git a/modules/tick/files/plugins/fail2ban.sudoers b/modules/tick/files/plugins/fail2ban.sudoers new file mode 100644 index 0000000..c172266 --- /dev/null +++ b/modules/tick/files/plugins/fail2ban.sudoers @@ -0,0 +1,3 @@ +Cmnd_Alias FAIL2BAN = /usr/bin/fail2ban-client status, /usr/bin/fail2ban-client status * +telegraf ALL=(root) NOEXEC: NOPASSWD: FAIL2BAN +Defaults!FAIL2BAN !logfile, !syslog, !pam_session diff --git a/modules/tick/manifests/client/plugin/fail2ban.pp b/modules/tick/manifests/client/plugin/fail2ban.pp new file mode 100644 index 0000000..f41e9b1 --- /dev/null +++ b/modules/tick/manifests/client/plugin/fail2ban.pp @@ -0,0 +1,12 @@ +class tick::client::plugin::fail2ban { + tick::client::plugin { "fail2ban": + opts => { + use_sudo => true, + } + } + + file { "/etc/sudoers.d/telegraf-fail2ban": + source => 'puppet:///modules/tick/plugins/fail2ban.sudoers', + require => Package['sudo']; + } +} |