X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/a37b5cd0a0de895d04066f08aef048de3082257f..204605749875101d3316aa94917d0a4b6c055fb3:/cookbooks/fail2ban/resources/jail.rb diff --git a/cookbooks/fail2ban/resources/jail.rb b/cookbooks/fail2ban/resources/jail.rb index 01d9c502c..203a10f9a 100644 --- a/cookbooks/fail2ban/resources/jail.rb +++ b/cookbooks/fail2ban/resources/jail.rb @@ -17,20 +17,39 @@ # limitations under the License. # -actions :create, :delete default_action :create -attribute :name, :kind_of => String, :name_attribute => true -attribute :filter, :kind_of => String -attribute :logpath, :kind_of => String -attribute :protocol, :kind_of => String -attribute :ports, :kind_of => Array, :default => [] -attribute :maxretry, :kind_of => Integer +property :jail, :kind_of => String, :name_attribute => true +property :filter, :kind_of => String +property :logpath, :kind_of => String +property :protocol, :kind_of => String +property :ports, :kind_of => Array, :default => [] +property :maxretry, :kind_of => Integer +property :ignoreips, :kind_of => Array -def after_created - if node[:lsb][:release].to_f >= 14.04 - notifies :reload, "service[fail2ban]" - else - notifies :create, "template[/etc/fail2ban/jail.local]" +action :create do + template "/etc/fail2ban/jail.d/50-#{new_resource.jail}.conf" do + cookbook "fail2ban" + source "jail.erb" + owner "root" + group "root" + mode 0o644 + variables :name => new_resource.jail, + :filter => new_resource.filter, + :logpath => new_resource.logpath, + :protocol => new_resource.protocol, + :ports => new_resource.ports, + :maxretry => new_resource.maxretry, + :ignoreips => new_resource.ignoreips + end +end + +action :delete do + file "/etc/fail2ban/jail.d/50-#{new_resource.jail}.conf" do + action :delete end end + +def after_created + notifies :reload, "service[fail2ban]" +end