-
Notifications
You must be signed in to change notification settings - Fork 102
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Semi-automated using myii/ssf-formula#119 * Close #34 * Close #35 BREAKING CHANGE: all previous `fail2ban` based configurations must be reviewed; `fail2ban.ng` usage must be promoted to `fail2ban` and any uses of the original `fail2ban` will have to be converted.
- Loading branch information
Showing
17 changed files
with
221 additions
and
496 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,55 +1,104 @@ | ||
# -*- coding: utf-8 -*- | ||
# vim: ft=sls | ||
|
||
{% from "fail2ban/map.jinja" import fail2ban with context %} | ||
include: | ||
- fail2ban.deprecated | ||
- fail2ban | ||
{{ fail2ban.prefix }}/etc/fail2ban/fail2ban.local: | ||
{% if fail2ban.config %} | ||
file.managed: | ||
- source: salt://fail2ban/files/fail2ban_conf.template | ||
- template: jinja | ||
- context: | ||
config: | ||
Definition: {{ fail2ban.config|yaml }} | ||
fail2ban.config.fail2ban: | ||
{% if fail2ban.config is defined %} | ||
{% set fail2ban_config = fail2ban.config.get('source_path', | ||
'salt://fail2ban/files/config.jinja') %} | ||
file.managed: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/fail2ban.local | ||
- source: {{ fail2ban_config }} | ||
- user: {{ fail2ban.user|default('root') }} | ||
- group: {{ fail2ban.group|default('root') }} | ||
- mode: '{{ fail2ban.mode|default("644") }}' | ||
- template: jinja | ||
{% if fail2ban.config.source_path is not defined %} | ||
- context: | ||
config: | ||
Definition: {{ fail2ban.config|yaml }} | ||
{% endif %} | ||
{% else %} | ||
file.absent: | ||
file.absent: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/fail2ban.local | ||
{% endif %} | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
{{ fail2ban.prefix }}/etc/fail2ban/jail.local: | ||
{% if fail2ban.jails %} | ||
file.managed: | ||
- source: salt://fail2ban/files/fail2ban_conf.template | ||
- template: jinja | ||
- context: | ||
config: {{ fail2ban.jails|yaml }} | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
fail2ban.config.jails: | ||
{% if fail2ban.jails is defined %} | ||
{% set fail2ban_jails = fail2ban.jails.get('source_path', | ||
'salt://fail2ban/files/config.jinja') %} | ||
file.managed: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/jail.local | ||
- source: {{ fail2ban_jails }} | ||
- user: {{ fail2ban.user|default('root') }} | ||
- group: {{ fail2ban.group|default('root') }} | ||
- mode: '{{ fail2ban.mode|default("644") }}' | ||
- template: jinja | ||
{% if fail2ban.jails.source_path is not defined %} | ||
- context: | ||
config: {{ fail2ban.jails|yaml }} | ||
{% endif %} | ||
{% else %} | ||
file.absent: | ||
file.absent: | ||
{% endif %} | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
{% for name, config in fail2ban.actions|dictsort %} | ||
{{ fail2ban.prefix }}/etc/fail2ban/action.d/{{ name }}.local: | ||
file.managed: | ||
- source: salt://fail2ban/files/fail2ban_conf.template | ||
- template: jinja | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
- context: | ||
config: {{ config|yaml }} | ||
{% endfor %} | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
{% for name, config in fail2ban.filters|dictsort %} | ||
{{ fail2ban.prefix }}/etc/fail2ban/filter.d/{{ name }}.local: | ||
file.managed: | ||
- source: salt://fail2ban/files/fail2ban_conf.template | ||
- template: jinja | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
- context: | ||
config: {{ config|yaml }} | ||
{% for name, options in fail2ban.get('actions', {})|dictsort %} | ||
{% set fail2ban_actions = options.config.get('source_path', | ||
'salt://fail2ban/files/config.jinja') %} | ||
fail2ban.config.action.{{ name }}: | ||
{% if ( 'enabled' in options and options.enabled ) or ('enabled' not in options ) %} | ||
file.managed: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/action.d/{{ name }}.local | ||
- source: {{ fail2ban_actions }} | ||
- user: {{ fail2ban.user|default('root') }} | ||
- group: {{ fail2ban.group|default('root') }} | ||
- mode: '{{ fail2ban.mode|default("644") }}' | ||
- template: jinja | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
{% if options.config.source_path is not defined %} | ||
- context: | ||
config: {{ options.config|yaml }} | ||
{% endif %} | ||
{% elif 'enabled' in options and not options.enabled %} | ||
file.absent: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/action.d/{{ name }}.local | ||
{% endif %} | ||
{% endfor %} | ||
{% for name, options in fail2ban.get('filters', {})|dictsort %} | ||
{% set fail2ban_filters = options.config.get('source_path', | ||
'salt://fail2ban/files/config.jinja') %} | ||
fail2ban.config.filter.{{ name }}: | ||
{% if ( 'enabled' in options and options.enabled ) or ('enabled' not in options ) %} | ||
file.managed: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/filter.d/{{ name }}.local | ||
- source: {{ fail2ban_filters }} | ||
- user: {{ fail2ban.user|default('root') }} | ||
- group: {{ fail2ban.group|default('root') }} | ||
- mode: '{{ fail2ban.mode|default("644") }}' | ||
- template: jinja | ||
- watch_in: | ||
- service: {{ fail2ban.service }} | ||
{% if options.config.source_path is not defined %} | ||
- context: | ||
config: {{ options.config|yaml }} | ||
{% endif %} | ||
{% elif 'enabled' in options and not options.enabled %} | ||
file.absent: | ||
- name: {{ fail2ban.prefix }}/etc/fail2ban/filter.d/{{ name }}.local | ||
{% endif %} | ||
{% endfor %} |
This file was deleted.
Oops, something went wrong.
File renamed without changes.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,14 +1,7 @@ | ||
{% from "fail2ban/map.jinja" import fail2ban with context %} | ||
# -*- coding: utf-8 -*- | ||
# vim: ft=sls | ||
|
||
include: | ||
- fail2ban.deprecated | ||
fail2ban: | ||
pkg.installed: | ||
- name: {{ fail2ban.package }} | ||
service.running: | ||
- name: {{ fail2ban.service }} | ||
- enable: True | ||
- require: | ||
- pkg: fail2ban | ||
- fail2ban.install | ||
- fail2ban.config | ||
- fail2ban.service |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,8 @@ | ||
# -*- coding: utf-8 -*- | ||
# vim: ft=sls | ||
|
||
{% from "fail2ban/map.jinja" import fail2ban with context %} | ||
fail2ban.install: | ||
pkg.installed: | ||
- name: {{ fail2ban.package }} |
Oops, something went wrong.