Add Fail2ban conf

2023-05-17 09:07:02 +02:00 · 2023-05-17 09:07:02 +02:00 · a4a7d6b544
commit a4a7d6b544
parent ca47bc97d2
3 changed files with 49 additions and 0 deletions
--- a/src/Fail2ban/.install.fish
+++ b/src/Fail2ban/.install.fish
@ -0,0 +1,3 @@
+#!/usr/bin/env fish
+read -P "Install main config [yN] ? " inst
+test $inst = "y"; and sudo install -m a=r,u=rw -b -D -t /etc/fail2ban jail.local
--- a/src/Fail2ban/README.md
+++ b/src/Fail2ban/README.md
@ -0,0 +1,2 @@
+# Fail2ban
+Install to `/etc/fail2ban/`.
--- a/src/Fail2ban/jail.local
+++ b/src/Fail2ban/jail.local
@ -0,0 +1,44 @@
+[DEFAULT]
+bantime = 6h
+bantime.rndtime = 3600
+#bantime.factor = 3
+bantime.increment = true
+
+ignoreip = 127.0.0.1/8 ::1
+
+banaction = ufw
+banaction_allports = ufw[type=allports]
+
+destemail = fail2ban@edgarpierre.fr
+sender = fail2ban@edgarpierre.fr
+
+action = %(action_mwl)s
+
+[sshd]
+enabled = true
+mode = aggressive
+
+[postfix]
+enabled = true
+mode = aggressive
+
+[dovecot]
+enabled = true
+mode = aggressive
+
+[bitwarden]
+enabled = true
+logpath = /var/log/vaultwarden.log
+
+[nginx-http-auth]
+enabled = true
+
+[nginx-botsearch]
+enabled = true
+
+[sieve]
+enabled = true
+
+[nextcloud]
+enabled = true
+logpath = /var/log/nextcloud/nextcloud.log