diff --git a/scripts/backup b/scripts/backup index b34f795..0138445 100755 --- a/scripts/backup +++ b/scripts/backup @@ -41,6 +41,13 @@ ynh_backup --src_path="/etc/php/$phpversion/fpm/pool.d/$app.conf" ynh_backup --src_path="/etc/logrotate.d/$app" +#================================================= +# BACKUP FAIL2BAN CONFIGURATION +#================================================= + +ynh_backup --src_path="/etc/fail2ban/jail.d/$app.conf" +ynh_backup --src_path="/etc/fail2ban/filter.d/$app.conf" + #================================================= # BACKUP VARIOUS FILES #================================================= diff --git a/scripts/install b/scripts/install index 1284f1d..298211f 100755 --- a/scripts/install +++ b/scripts/install @@ -49,6 +49,14 @@ ynh_script_progression --message="Configuring log rotation..." --weight=1 # Use logrotate to manage application logfile(s) ynh_use_logrotate +#================================================= +# SETUP FAIL2BAN +#================================================= +ynh_script_progression --message="Upgrading fail2ban configuration..." + +# Create a dedicated Fail2Ban config +ynh_add_fail2ban_config --logpath="/var/log/${domain}-access.log" --failregex=" .* \"GET /api/.*\" 401" --max_retry=5 + #================================================= # SPECIFIC SETUP #================================================= diff --git a/scripts/remove b/scripts/remove index 67760a8..3ff5c07 100755 --- a/scripts/remove +++ b/scripts/remove @@ -56,6 +56,14 @@ ynh_script_progression --message="Removing logrotate configuration..." --weight= # Remove the app-specific logrotate config ynh_remove_logrotate +#================================================= +# REMOVE FAIL2BAN CONFIGURATION +#================================================= + +ynh_script_progression --message="Removing fail2ban configuration..." --weight=1 + +ynh_remove_fail2ban_config + #================================================= # END OF SCRIPT #================================================= diff --git a/scripts/restore b/scripts/restore index 28bda64..f9759a3 100644 --- a/scripts/restore +++ b/scripts/restore @@ -66,6 +66,14 @@ ynh_script_progression --message="Restoring the logrotate configuration..." --we ynh_restore_file --origin_path="/etc/logrotate.d/$app" +#================================================= +# RESTORE THE FAIL2BAN CONFIGURATION +#================================================= + +ynh_restore_file --origin_path="/etc/fail2ban/jail.d/$app.conf" +ynh_restore_file --origin_path="/etc/fail2ban/filter.d/$app.conf" +ynh_systemd_action --action=restart --service_name=fail2ban + #================================================= # GENERIC FINALIZATION #=================================================