From: Tom Hughes <tom@compton.nu>
Date: Fri, 14 Feb 2020 16:29:49 +0000 (+0000)
Subject: Make fail2ban use the journal to monitor sshd
X-Git-Url: https://git.openstreetmap.org./chef.git/commitdiff_plain/c4b78405fd353d9d34ffd56593e14d40d21d1d5c?ds=inline

Make fail2ban use the journal to monitor sshd
---

diff --git a/cookbooks/fail2ban/recipes/default.rb b/cookbooks/fail2ban/recipes/default.rb
index a002fe131..6213a3814 100644
--- a/cookbooks/fail2ban/recipes/default.rb
+++ b/cookbooks/fail2ban/recipes/default.rb
@@ -27,6 +27,14 @@ template "/etc/fail2ban/jail.d/00-default.conf" do
   notifies :restart, "service[fail2ban]"
 end
 
+template "/etc/fail2ban/paths-overrides.local" do
+  source "paths-overrides.local.erb"
+  owner "root"
+  group "root"
+  mode 0o644
+  notifies :restart, "service[fail2ban]"
+end
+
 service "fail2ban" do
   action [:enable, :start]
 end
diff --git a/cookbooks/fail2ban/templates/default/paths-overrides.local.erb b/cookbooks/fail2ban/templates/default/paths-overrides.local.erb
new file mode 100644
index 000000000..7fbd19a79
--- /dev/null
+++ b/cookbooks/fail2ban/templates/default/paths-overrides.local.erb
@@ -0,0 +1,4 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+[DEFAULT]
+sshd_backend = systemd