diff --git a/main.env.sample b/main.env.sample index 30a746dbe7e66c7e9a9178ff7a9db7f7b0a13456..f1c589dc30046776c337756da9f22434bbb1184a 100644 --- a/main.env.sample +++ b/main.env.sample @@ -13,6 +13,11 @@ export DOMAIN="dev.tetras-libre.fr" export SERVER_ADMIN="sysadmin@tetras-libre.fr" +export IGNORE_DOMAINES=( + "tetrix.tetras-libre.fr" + "piculus.tetras-libre.fr" +) + # can be set to nginx export WEB_SERVER="apache2" # You can define here some services that are badly detected by checkrestart diff --git a/utils/configure_base_tools.sh b/utils/configure_base_tools.sh index 095224683147d0a08b9336474279aa0cbeb6c07d..622cb426710c1f9f295736dae6206b4bb7df4c26 100755 --- a/utils/configure_base_tools.sh +++ b/utils/configure_base_tools.sh @@ -1,6 +1,18 @@ #!/bin/bash +set -o nounset # Treat unset variables as an error + echo "RUN $(basename "$0") ===" +DIR=$(realpath $(dirname $0)/..) +if [ ! -e $DIR/main.env ] +then + echo "Please copy in racine of NoCloud Auto Installer main.env.sample to main.env and edit it" + exit 1 +else + echo "Environment file loaded" +fi +. $DIR/main.env + if [ -z "$(grep '^alias ls=' /root/.bashrc)" ] then @@ -35,10 +47,21 @@ syntax on filetype plugin indent on EOF +ignoreips=() + +for domaine in "${IGNORE_DOMAINES[@]}"; do + # Utilise dig pour obtenir l'adresse IP + ip=$(dig +short "$domaine") + ignoreips=("${ignoreips[@]}" $ip) + # Affiche le nom de domaine et l'adresse IP + echo "$domaine : $ip" +done + cat <<EOF > /etc/fail2ban/jail.local [DEFAULT] -# Ignore Tetras Libre IPs -ignoreip = 127.0.0.1/8 ::1 $(dig +short servermon.tetras-libre.fr | tail -n 1) $(dig +short tetrix.tetras-libre.fr | tail -n 1) $(docker network inspect traefik | awk '/Subnet/{print $2}' | sed -e 's/"//g' -e 's/,$//') +ignoreip = 127.0.0.1/8 ::1 ${ignoreips[@]} $(docker network inspect traefik | awk '/Subnet/{print $2}' | sed -e 's/"//g' -e 's/,$//') + EOF + fail2ban-client reload 
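Review bot: The new `IGNORE_DOMAINES` block in main.env.sample has no comment saying what it controls, and its effect is security-relevant: every address these names resolve to is written to fail2ban's `ignoreip` by utils/configure_base_tools.sh and is therefore never banned. I would add above it `# Hosts whose resolved IPs fail2ban must never ban (ignoreip); keep this list as short as possible`. Note also that `export` does nothing useful for a bash array, since arrays are not passed to child processes; this works only because main.env is sourced, so a plain `IGNORE_DOMAINES=( ... )` would be more accurate.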
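Review bot: `$DIR` and `$0` are expanded unquoted in the preamble added at the top of utils/configure_base_tools.sh, so a checkout path containing spaces or glob characters breaks both the existence test and the `.` that follows. Quote them: `DIR=$(realpath "$(dirname "$0")/..")`, `if [ ! -e "$DIR/main.env" ]`, `. "$DIR/main.env"`. "Environment file loaded" is also printed before the file is actually sourced, so it is reported even when sourcing fails. Because main.env is executed as shell code by a script that writes under /etc and /root (presumably as root), a comment that the file must be writable only by its owner would be worth adding. The same preamble is repeated in utils/getIgnoreIp.sh.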
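Review bot: The loop added before the jail.local heredoc appends the raw, word-split output of `dig +short` to `ignoreips`, so whatever dig prints ends up in fail2ban's `ignoreip` allowlist. The removed line kept only the last answer with `tail -n 1`; without it a CNAME target is written as a hostname that fail2ban resolves itself at run time, and on a lookup failure dig may print `;; ...` diagnostics on stdout that become allowlist tokens. I would keep only answers that look like an IP address and warn on stderr when a name yields none, as sketched below. The dropped `servermon.tetras-libre.fr` lookup is also no longer ignored unless it is added to `IGNORE_DOMAINES`, which looks like a behaviour change worth stating in the commit message. The same loop is repeated in utils/getIgnoreIp.sh.

```bash
ignoreips=()

for domaine in "${IGNORE_DOMAINES[@]}"; do
  found=0
  while IFS= read -r answer; do
    # Keep IPv4 literals only: drops CNAME targets and dig's ";; ..." diagnostics
    if [[ "$answer" =~ ^([0-9]{1,3}\.){3}[0-9]{1,3}$ ]]; then
      ignoreips+=("$answer")
      found=1
    fi
  done < <(dig +short A "$domaine")
  if (( found == 0 )); then
    echo "WARNING: $domaine did not resolve, not added to ignoreip" >&2
  fi
done
# … unchanged: cat <<EOF > /etc/fail2ban/jail.local … fail2ban-client reload …
```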
diff --git a/utils/getIgnoreIp.sh b/utils/getIgnoreIp.sh
new file mode 100644
index 0000000000000000000000000000000000000000..f8cdad8bc616ce08d44a3493c389cec95b5fc890
--- /dev/null
+++ b/utils/getIgnoreIp.sh
@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+set -o nounset # Treat unset variables as an error
+
+echo "RUN $(basename "$0") ==="
+
+DIR=$(realpath $(dirname $0)/..)
+if [ ! -e $DIR/main.env ]
+then
+ echo "Please copy in racine of NoCloud Auto Installer main.env.sample to main.env and edit it"
+ exit 1
+else
+ echo "Environment file loaded"
+fi
+. $DIR/main.env
+
+
+ignoreips=()
+
+for domaine in "${IGNORE_DOMAINES[@]}"; do
+ # Utilise dig pour obtenir l'adresse IP
+ ip=$(dig +short "$domaine")
+ ignoreips=("${ignoreips[@]}" $ip)
+ # Affiche le nom de domaine et l'adresse IP
+ echo "$domaine : $ip"
+done
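Review bot: utils/getIgnoreIp.sh builds `ignoreips` and then ends without using it, so apart from the `echo` lines it has no effect, and it duplicates the preamble and the loop added to utils/configure_base_tools.sh. Two copies of the code that decides which addresses fail2ban never bans will drift apart; I would put the loop in one function in a file both scripts source, and have this script only print the result. If it is meant as a dry-run helper, a header comment should say so: `# Prints the addresses configure_base_tools.sh would put in fail2ban's ignoreip; changes nothing`.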