From 9be289f6ca62466cd80a1ee4cf8a7c819b3831b8 Mon Sep 17 00:00:00 2001 From: Sarah Hoffmann Date: Wed, 7 Feb 2018 21:39:04 +0100 Subject: [PATCH 1/1] nominatim: reinstate fail2ban on restricted_ips.log This file is smaller so that fail2ban hopefully can handle it. --- cookbooks/nominatim/recipes/default.rb | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/cookbooks/nominatim/recipes/default.rb b/cookbooks/nominatim/recipes/default.rb index 05227bb46..d667db3cf 100644 --- a/cookbooks/nominatim/recipes/default.rb +++ b/cookbooks/nominatim/recipes/default.rb @@ -370,6 +370,19 @@ template "/etc/logrotate.d/apache2" do mode 0o644 end +include_recipe "fail2ban" + +fail2ban_filter "nominatim" do + failregex "Warning ignored: " +end + +fail2ban_jail "nominatim" do + filter "nominatim" + logpath "#{node[:nominatim][:logdir]}/restricted_ips.log" + ports [80, 443] + maxretry 3 +end + munin_plugin_conf "nominatim" do template "munin.erb" variables :db => node[:nominatim][:dbname], -- 2.39.5