From: Tom Hughes Date: Mon, 15 Jun 2015 19:29:41 +0000 (+0100) Subject: Add fail2ban_filter for defining fail2ban filters X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/004b2d4fea1d51c00896c98fadab13654cf8ff4c?ds=sidebyside Add fail2ban_filter for defining fail2ban filters --- diff --git a/cookbooks/fail2ban/providers/filter.rb b/cookbooks/fail2ban/providers/filter.rb new file mode 100644 index 000000000..840dc4825 --- /dev/null +++ b/cookbooks/fail2ban/providers/filter.rb @@ -0,0 +1,39 @@ +# +# Cookbook Name:: fail2ban +# Provider:: fail2ban_filter +# +# Copyright 2015, OpenStreetMap Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +def whyrun_supported? + true +end + +use_inline_resources + +action :create do + remote_file "/etc/fail2ban/filter.d/#{new_resource.name}.conf" do + source new_resource.source + owner "root" + group "root" + mode 0644 + end +end + +action :delete do + file "/etc/fail2ban/filter.d/#{new_resource.name}.conf" do + action :delete + end +end diff --git a/cookbooks/fail2ban/resources/filter.rb b/cookbooks/fail2ban/resources/filter.rb new file mode 100644 index 000000000..0a13c836a --- /dev/null +++ b/cookbooks/fail2ban/resources/filter.rb @@ -0,0 +1,28 @@ +# +# Cookbook Name:: fail2ban +# Resource:: fail2ban_filter +# +# Copyright 2015, OpenStreetMap Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +actions :create, :delete +default_action :create + +attribute :name, :kind_of => String, :name_attribute => true +attribute :source, :kind_of => String + +def after_created + notifies :reload, "service[fail2ban]" +end diff --git a/cookbooks/wordpress/recipes/default.rb b/cookbooks/wordpress/recipes/default.rb index 65c486abf..b8db4b29a 100644 --- a/cookbooks/wordpress/recipes/default.rb +++ b/cookbooks/wordpress/recipes/default.rb @@ -31,12 +31,8 @@ package "php-apc" apache_module "php5" apache_module "rewrite" -remote_file "/etc/fail2ban/filter.d/wordpress.conf" do - action :create_if_missing +fail2ban_filter "wordpress" do source "http://plugins.svn.wordpress.org/wp-fail2ban/trunk/wordpress.conf" - owner "root" - group "root" - mode 0644 end fail2ban_jail "wordpress" do