Skip to content
Snippets Groups Projects
Verified Commit 59f2afc6 authored by David Beniamine's avatar David Beniamine
Browse files

Upgrade traefik fail2ban jails on update

parent 83451675
No related branches found
No related tags found
No related merge requests found
...@@ -43,21 +43,4 @@ touch acme.json ...@@ -43,21 +43,4 @@ touch acme.json
chmod 600 acme.json chmod 600 acme.json
echo "Update /home/dockerweb/traefik/docker-compose.yml to change htpassword line 29" echo "Update /home/dockerweb/traefik/docker-compose.yml to change htpassword line 29"
bash $DIR/upgrade/traefik_fail2ban.sh
cat <<EOF > /etc/fail2ban/jail.d/nocloud_traefik.conf
[traefik-auth]
enabled = true
logpath = /home/dockerweb/traefik/log/access.log
chain = DOCKER-USER
mode = aggressive
findtime = 4h
EOF
cat <<EOF > /etc/fail2ban/jail.d/nocloud_base.conf
[sshd]
enabled = true
chain = DOCKER-USER
[recidive]
enabled = true
chain = DOCKER-USER
EOF
fail2ban-client reload
...@@ -63,3 +63,5 @@ find /home/dockerweb -name "docker-compose.yml" | while read file; do ...@@ -63,3 +63,5 @@ find /home/dockerweb -name "docker-compose.yml" | while read file; do
fi fi
cd - cd -
done done
bash $DIR/upgrade/traefik_fail2ban.sh
#!/bin/bash
cat <<EOF > /etc/fail2ban/jail.d/nocloud_traefik.conf
[traefik-auth]
enabled = true
logpath = /home/dockerweb/traefik/log/access.log
chain = DOCKER-USER
mode = aggressive
findtime = 4h
EOF
cat <<EOF > /etc/fail2ban/jail.d/nocloud_base.conf
[sshd]
enabled = true
chain = DOCKER-USER
[recidive-docker]
enabled = true
filter = recidive
chain = DOCKER-USER
logpath = /var/log/fail2ban.log
banaction = %(banaction_allports)s
bantime = 1w
findtime = 1d
EOF
fail2ban-client reload
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment