#!/bin/bash

cat <<EOF > /etc/fail2ban/jail.d/nocloud_traefik.conf
[traefik-auth]
enabled = true
logpath = /home/dockerweb/traefik/log/access.log
chain = DOCKER-USER
mode = aggressive
findtime = 4h
banaction = docker-page
EOF
cat <<EOF > /etc/fail2ban/jail.d/nocloud_base.conf
[sshd]
enabled = true
chain = DOCKER-USER
[recidive-docker]
enabled = true
filter = recidive
chain = DOCKER-USER
logpath  = /var/log/fail2ban.log
banaction = %(banaction_allports)s
bantime  = 1w
findtime = 1d
EOF
cat <<EOF > /etc/fail2ban/action.d/docker-page.conf
[Definition]

actionstart =

actionstop =

actioncheck =

actionban = cd /home/dockerweb/ban; bash ban.sh <ip>

actionunban = cd /home/dockerweb/ban; bash unban.sh <ip>
EOF
fail2ban-client reload