confdroid/confdroid_fail2ban
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

added controls for main conf/local files

Browse Source
This commit is contained in:
Arne Teuke
2017-08-03 15:29:17 +01:00
parent fdf29a4e38
commit 202c50762d
8 changed files with 199 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
manifests/main/config.pp
View File

@@ -25,7 +25,6 @@ class cd_fail2ban::main::config (
) inherits cd_fail2ban::params {
if $fn_enable_fail2ban == true {
include cd_fail2ban::main::service
}
}

16
manifests/main/dirs.pp
View File

@@ -109,4 +109,20 @@ class cd_fail2ban::main::dirs (
seltype => fail2ban_var_lib_t,
seluser => system_u,
}
# manage /var/run/fail2bam
file { $fn_var_run_dir:
ensure => directory,
path => $fn_var_run_dir,
owner => 'root',
group => 'root',
mode => '0755',
selrange => s0,
selrole => object_r,
seltype => fail2ban_var_run_t,
seluser => system_u,
}
}

35
manifests/main/files.pp
View File

@@ -26,4 +26,39 @@ class cd_fail2ban::main::files (
require cd_fail2ban::main::dirs
if $fn_manage_config == true {
# manage fail2ban.conf
file { $fn_fail2ban_conf_file:
ensure => present,
path => $fn_fail2ban_conf_file,
owner => 'root',
group => 'root',
mode => '0640',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
content => template($fn_fail2ban_conf_erb),
notify => Service[$fn_service],
}
# manage fail2ban.local
file { $fn_fail2ban_local_file:
ensure => present,
path => $fn_fail2ban_local_file,
owner => 'root',
group => 'root',
mode => '0640',
selrange => s0,
selrole => object_r,
seltype => etc_t,
seluser => system_u,
content => template($fn_fail2ban_conf_erb),
notify => Service[$fn_service],
}
}
}

3
manifests/main/service.pp
View File

@@ -27,9 +27,10 @@ class cd_fail2ban::main::service (
require cd_fail2ban::main::files
service { $fn_service:
ensure => running,
ensure => $fn_enable_service,
hasstatus => true,
hasrestart => true,
enable => true,
}
}