Add Fail2ban conf

This commit is contained in:
Edgar P. Burkhart 2023-05-17 09:07:02 +02:00
parent ca47bc97d2
commit a4a7d6b544
Signed by: edpibu
GPG key ID: 9833D3C5A25BD227
3 changed files with 49 additions and 0 deletions

3
src/Fail2ban/.install.fish Executable file
View file

@ -0,0 +1,3 @@
#!/usr/bin/env fish
read -P "Install main config [yN] ? " inst
test $inst = "y"; and sudo install -m a=r,u=rw -b -D -t /etc/fail2ban jail.local

2
src/Fail2ban/README.md Normal file
View file

@ -0,0 +1,2 @@
# Fail2ban
Install to `/etc/fail2ban/`.

44
src/Fail2ban/jail.local Normal file
View file

@ -0,0 +1,44 @@
[DEFAULT]
bantime = 6h
bantime.rndtime = 3600
#bantime.factor = 3
bantime.increment = true
ignoreip = 127.0.0.1/8 ::1
banaction = ufw
banaction_allports = ufw[type=allports]
destemail = fail2ban@edgarpierre.fr
sender = fail2ban@edgarpierre.fr
action = %(action_mwl)s
[sshd]
enabled = true
mode = aggressive
[postfix]
enabled = true
mode = aggressive
[dovecot]
enabled = true
mode = aggressive
[bitwarden]
enabled = true
logpath = /var/log/vaultwarden.log
[nginx-http-auth]
enabled = true
[nginx-botsearch]
enabled = true
[sieve]
enabled = true
[nextcloud]
enabled = true
logpath = /var/log/nextcloud/nextcloud.log