Puppet Class: cd_fail2ban::params

Inherited by:
cd_fail2ban::main::dirs
cd_fail2ban::main::files
cd_fail2ban::main::config
cd_fail2ban::main::install
cd_fail2ban::main::service
Defined in:
manifests/params.pp

Summary

Class holds all parameters for the cd_fail2ban module and is inherited by all classes except defines.

Overview

cd_fail2ban::params.pp Module name: cd_fail2ban Author: Arne Teuke (arne_teuke@confdroid.com) License: This file is part of cd_fail2ban.

cd_fail2ban is used for providing automatic configuration of Fail2Ban Copyright (C) 2017 confdroid (copyright@confdroid.com) This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program. If not, see www.gnu.org/licenses/. CRITICAL,ERROR,WARNING,NOTICE,INFO and DEBUG.

Parameters:

  • pkg_ensure (string) (defaults to: 'latest')

    which package type to choose, i.e. latest or present.

  • fn_manage_config (boolean) (defaults to: true)

    Whether to manage the fail2ban configuration files. If set to false, fail2ban will be installed, but the configuration will not be managed.

  • fn_enable_service (string) (defaults to: 'running')

    Whether to enable/start or disable/stop the fail2ban service. Valid options are running or stopped.

  • fn_loglevel (string) (defaults to: 'INFO')

    Set the log level output. Valid options are

  • fn_logtarget (string) (defaults to: 'SYSLOG')

    Set the log target. This could be a file, SYSLOG, STDERR or STDOUT. Only one log target can be specified.

  • fn_syslogsocket (string) (defaults to: 'auto')

    Set the syslog socket file. Only used when logtarget is SYSLOG. auto uses platform.system() to determine predefined paths Valid options: [ auto | FILE ].

  • fn_socket (string) (defaults to: '/var/run/fail2ban/fail2ban.sock')

    Set the socket file to communicate with the daemon.

  • fn_pidfile (string) (defaults to: '/var/run/fail2ban/fail2ban.pid')

    Set the PID file to store the process ID of the fail2ban server.

  • fn_dbfile (string) (defaults to: '/var/lib/fail2ban/fail2ban.sqlite3')

    file for the fail2ban persistent data to be stored. A value of ":memory:" means database is only stored in memory and data is lost when fail2ban is stopped. A value of "None" disables the database.

  • fn_dbpurgeage (string) (defaults to: '86400')

    age in seconds at which bans should be purged from the database.



48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
 
# File 'manifests/params.pp', line 48

class cd_fail2ban::params (

$pkg_ensure             = 'latest',

$fn_manage_config       = true,
$fn_enable_service      = 'running',
$fn_loglevel            = 'INFO',
$fn_logtarget           = 'SYSLOG',
$fn_syslogsocket        = 'auto',
$fn_socket              = '/var/run/fail2ban/fail2ban.sock',
$fn_pidfile             = '/var/run/fail2ban/fail2ban.pid',
$fn_dbfile              = '/var/lib/fail2ban/fail2ban.sqlite3',
$fn_dbpurgeage          = '86400',


) {

# installation section
$reqpackages  = $::operatingsystem ? {
    /(?i-mx:centos|fedora|redhat)/ => ['fail2ban','fail2ban-firewalld',
                                        'fail2ban-sendmail',
                                        'fail2ban-server.noarch'],
  }


# service
$fn_service             = 'fail2ban'

# directories
$fn_main_dir            = '/etc/fail2ban'
$fn_action_d_dir        = "${fn_main_dir}/action.d"
$fn_fail2ban_d_dir      = "${fn_main_dir}/fail2ban.d"
$fn_filter_d_dir        = "${fn_main_dir}/filter.d"
$fn_jail_d_dir          = "${fn_main_dir}/jail.d"
$fn_var_lib_dir         = '/var/lib/fail2ban'
$fn_var_run_dir         = '/var/run/fail2ban'

# files
$fn_fail2ban_conf_file  = "${fn_main_dir}/fail2ban.conf"
$fn_fail2ban_conf_erb   = 'cd_fail2ban/fail2ban_conf.erb'
$fn_fail2ban_local_file = "${fn_main_dir}/fail2ban.local"
$fn_fail2ban_local_erb  = 'cd_fail2ban/fail2ban_local.erb'

# includes must be last

  include cd_fail2ban::main::config

}