## confdroid_nagios::monitoring::fail2ban.pp
# Module name: confdroid_nagios
# Author: 12ww1160 (12ww1160@confdroid.com)
# @summary  Class manages fail2ban monitoring for the confdroid_nagios module.
###############################################################################
class confdroid_nagios::monitoring::fail2ban (

) inherits confdroid_nagios::params {
  # we want to  create a nagios jail here
  if ($ng_nagios_host == $fqdn)  and ($ng_enable_fail2ban == true) {
    require confdroid_fail2ban

    # create the jail file
    file { $fn_jail_file:
      ensure   => file,
      user     => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => etc_t,
      seluser  => system_u,
      content  => template('confdroid_nagios/fail2ban/jail.conf.erb'),
      notify   => Service['fail2ban'],
    }

    # create the filter rule
    file { $fn_filter_file:
      ensure   => file,
      user     => 'root',
      group    => 'root',
      mode     => '0644',
      selrange => s0,
      selrole  => object_r,
      seltype  => etc_t,
      seluser  => system_u,
      content  => template('confdroid_nagios/fail2ban/filter.conf.erb'),
      notify   => Service['fail2ban'],
    }
  }
}