Add ncftp to dev

[chef.git] / cookbooks / fail2ban / recipes / default.rb

diff --git a/cookbooks/fail2ban/recipes/default.rb b/cookbooks/fail2ban/recipes/default.rb
index 1fe3840cce1e58e3c2c82d39c6352f396013f06a..216572989067f79898af72f859da3b28462a1284 100644 (file)
--- a/cookbooks/fail2ban/recipes/default.rb
+++ b/cookbooks/fail2ban/recipes/default.rb
@@ -1,14 +1,14 @@
 #
-# Cookbook Name:: fail2ban
+# Cookbook:: fail2ban
 # Recipe:: default
 #
-# Copyright 2013, OpenStreetMap Foundation
+# Copyright:: 2013, OpenStreetMap Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#     http://www.apache.org/licenses/LICENSE-2.0
+#     https://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
@@ -17,18 +17,42 @@
 # limitations under the License.
 #
 
-package "fail2ban"
+include_recipe "prometheus"
 
-template "/etc/fail2ban/jail.local" do
-  source "jail.erb"
+package %w[
+  fail2ban
+  python3-systemd
+  ruby-webrick
+]
+
+if platform?("debian")
+  package "python3-inotify"
+else
+  package "gamin"
+end
+
+template "/etc/fail2ban/jail.d/00-default.conf" do
+  source "jail.default.erb"
   owner "root"
   group "root"
-  mode 0644
-  variables :jails => []
+  mode "644"
+  notifies :restart, "service[fail2ban]"
+end
+
+template "/etc/fail2ban/paths-overrides.local" do
+  source "paths-overrides.local.erb"
+  owner "root"
+  group "root"
+  mode "644"
+  notifies :restart, "service[fail2ban]"
 end
 
 service "fail2ban" do
-  action [ :enable, :start ]
-  supports :status => true, :reload => true, :restart => true
-  subscribes :reload, "template[/etc/fail2ban/jail.local]"
+  action [:enable, :start]
+end
+
+prometheus_exporter "fail2ban" do
+  port 9635
+  user "root"
+  restrict_address_families "AF_UNIX"
 end