confdroid/confdroid_fail2ban
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rewite general

Browse Source
This commit is contained in:
Arne Teuke
2026-03-11 12:12:23 +01:00
parent 95d624e813
commit b048bd8f48
30 changed files with 124 additions and 4074 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
README.md
View File

@@ -1,14 +1,26 @@
# Readme
[![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=fail2ban_cd)](https://jenkins.confdroid.com/job/fail2ban_cd/)
[![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=confdroid_fail2ban&style=plastic)](https://jenkins.confdroid.com/job/confdroid_fail2ban/)
[[_TOC_]]
- [Readme](#readme)
- [Synopsis](#synopsis)
- [WARNING](#warning)
- [Features](#features)
- [Dependencies](#dependencies)
- [Deployment](#deployment)
- [Parameters](#parameters)
- [SELINUX](#selinux)
- [Known Problems](#known-problems)
- [Support](#support)
- [Tests](#tests)
- [Contact Us](#contact-us)
- [Disclaimer](#disclaimer)
## Synopsis
Fail2Ban is an intrusion prevention software framework that protects computer servers from brute-force attacks.
`fail2ban_cd` is a Puppet module to automate installation, configuration and management of fail2ban settings and rules.
`confdroid_fail2ban` is a Puppet module to automate installation, configuration and management of fail2ban settings and rules.
## WARNING
@@ -18,27 +30,26 @@ Fail2Ban is an intrusion prevention software framework that protects computer se
Installation
* install required binaries
- install required binaries
Configuration
* manage directory structure (file system permissions, selinux context)
* manage configuration files (file system permissions, selinux context, content based on parameters)
- manage directory structure (file system permissions, selinux context)
- manage configuration files (file system permissions, selinux context, content based on parameters)
Service
* manage service status
- manage service status
## Dependencies
All dependencies must be included in the catalogue.
* [cd_resources](https://gitlab.confdroid.com/puppet/cd_resources) to manage yum base repos
* [cd_firewall](https://gitlab.confdroid.com/puppet/cd_firewall) or puppetlabs-firewall to manage firewall settings (optional)
- puppetlabs-firewall to manage firewall settings (optional)
## Deployment
* native Puppet deployment
- native Puppet deployment
via site.pp or nodes.pp
@@ -48,9 +59,9 @@ node 'example.example.net' {
}
```
* through Foreman:
- through Foreman:
In order to apply parameters through Foreman, **__fail2ban_cd::params__** must be added to the host or host group in question.
In order to apply parameters through Foreman, **__confdroid_fail2ban::params__** must be added to the host or host group in question.
See [more details about class deployment on Confdroid.com](https://confdroid.com/2017/05/deploying-our-puppet-modules/).
@@ -64,25 +75,24 @@ All files and directories are configured with correct selinux context. If selinu
## Known Problems
* firewalld: firewalld is auto-installed on CentOS7 as dependency of fail2ban by yum.
## Support
* OS: Rocky 9
* Puppet 8
- OS: Rocky 9
- Puppet 8
## Tests
* Puppet Lint
* excluded tests:
* `--no-variable_scope-check`: not applicable as we are inheriting parameters from params class. the lint check does not distinguish between facts and inherited parameters.
* Puppet Parser
* ERB Template Parser
* Sonar Quality Gate
- Puppet Lint
- excluded tests:
- `--no-variable_scope-check`: not applicable as we are inheriting parameters from params class. the lint check does not distinguish between facts and inherited parameters.
- Puppet Parser
- ERB Template Parser
- Sonar Quality Gate
## Contact Us
[contact Us](https://confdroid.com/contact/)
[Feedback Portal](https://feedback.confdroid.com/)
## Disclaimer