Recommit for updates in build 222

doc/puppet_classes/confdroid_nagios_3A_3Aparams.html

@@ -3947,19 +3947,6 @@ inherited by all classes except defines.
 <p>The alias of the default service group. Default is ‘Linux Services’.</p>
 </div>
       
-    </li>
-  
-    <li>
-      
-        <span class='name'>ng_use_ssl_auth</span>
-      
-      
-        <span class='type'>(<tt>String</tt>)</span>
-      
-      
-        <em class="default">(defaults to: <tt>&#39;0&#39;</tt>)</em>
-      
-      
     </li>
   
     <li>
@@ -3973,6 +3960,132 @@ inherited by all classes except defines.
         <em class="default">(defaults to: <tt>false</tt>)</em>
       
       
+        &mdash;
+        <div class='inline'>
+<p>Whether to enable fail2ban monitoring in Nagios. Default is false.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_jail_order</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;10&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>The order number of jails in the jail.d directory. Default is ‘10’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_jail_enable</span>
+      
+      
+        <span class='type'>(<tt>Boolean</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>true</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>Whether to enable the monitoring of a specific jail in Nagios. Default is ‘true’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_fail2ban_logpath</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;/var/log/httpd/access.log&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>The path to the nagios access log to monitor. Default is ‘/var/log/httpd/access.log’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_fail2ban_maxretry</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;5&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>The maximum number of retries before a host is considered banned in fail2ban. Default is ‘5’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_fail2ban_bantime</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;3600&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>The time in seconds that a host is banned in fail2ban. Default is ‘3600’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_fail2ban_ignoreip</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;127.0.0.1/8 ::1 192.168.1.0/24&#39;</tt>)</em>
+      
+      
+        &mdash;
+        <div class='inline'>
+<p>A comma-separated list of IP addresses to ignore in fail2ban. Default is ‘127.0.0.1/8 ::1 192.168.1.0/24’.</p>
+</div>
+      
+    </li>
+  
+    <li>
+      
+        <span class='name'>ng_use_ssl_auth</span>
+      
+      
+        <span class='type'>(<tt>String</tt>)</span>
+      
+      
+        <em class="default">(defaults to: <tt>&#39;0&#39;</tt>)</em>
+      
+      
     </li>
   
 </ul>
@@ -3986,20 +4099,6 @@ inherited by all classes except defines.
         <pre class="lines">
 
 
-431
-432
-433
-434
-435
-436
-437
-438
-439
-440
-441
-442
-443
-444
 445
 446
 447
@@ -4321,10 +4420,33 @@ inherited by all classes except defines.
 763
 764
 765
-766</pre>
+766
+767
+768
+769
+770
+771
+772
+773
+774
+775
+776
+777
+778
+779
+780
+781
+782
+783
+784
+785
+786
+787
+788
+789</pre>
       </td>
       <td>
-        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 431</span>
+        <pre class="code"><span class="info file"># File 'manifests/params.pp', line 445</span>
 
 class confdroid_nagios::params (
 
@@ -4569,13 +4691,16 @@ class confdroid_nagios::params (
   Boolean $ng_enable_swap_check         = true,
 
 # fail2ban
-  Boolean $ng_enable_fail2ban          = false,
+  Boolean $ng_enable_fail2ban           = false,
+  String $ng_jail_order                 = &#39;10&#39;,
+  Boolean $ng_jail_enable               = true,
   #String $ng_fail2ban_jail             = &#39;httpd&#39;,
-  #String $ng_fail2ban_log              = &#39;/var/log/secure&#39;,
+  String $ng_fail2ban_logpath           = &#39;/var/log/httpd/access.log&#39;,
   #String $ng_fail2ban_regex            = &#39;sshd.*Failed password for&#39;,
-  #String $ng_fail2ban_maxretry         = &#39;5&#39;,
+  String $ng_fail2ban_maxretry          = &#39;5&#39;,
   #String $ng_fail2ban_findtime         = &#39;600&#39;,
-  #String $ng_fail2ban_bantime          = &#39;3600&#39;,
+  String $ng_fail2ban_bantime           = &#39;3600&#39;,
+  String $ng_fail2ban_ignoreip          = &#39;127.0.0.1/8 ::1 192.168.1.0/24&#39;
 
 ) {
 # Default facts
@@ -4659,6 +4784,12 @@ class confdroid_nagios::params (
   $ng_svc_perfdata_file       = &quot;${ng_log_dir}/service-perfdata&quot;
   $ng_debug_file              = &quot;${ng_log_dir}/nagios.debug&quot;
 
+# fail2ban
+  $fn_jail_path               = &#39;/etc/fail2ban/jail.d&#39;
+  $fn_jail_file               = &quot;${fn_jail_path}/${ng_jail_order}-nagios.conf&quot;
+  $fn_filter_path             = &#39;/etc/fail2ban/filter.d&#39;
+  $fn_filter_file             = &quot;${fn_filter_path}/${ng_jail_order}-nagios.conf&quot;
+
 # includes must be last
   include confdroid_nagios::main::config
 }</pre>