1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/monitorix_ynh.git synced 2024-09-03 19:46:06 +02:00

Improve jail management

This commit is contained in:
Josué Tille 2020-05-13 15:19:34 +02:00
parent e8b8dccbc8
commit bd98886b20
No known key found for this signature in database
GPG key ID: 716A6C99B04194EF
2 changed files with 19 additions and 2 deletions

View file

@ -586,8 +586,12 @@ secure_log_date_format = %b %e
<fail2ban> <fail2ban>
list = Security, Overload / Abuse list = Security, Overload / Abuse
<desc> <desc>
0 = [apache], [apache-mod-security], [apache-overflows], [courierauth], [ssh], [pam-generic], [php-url-fopen], [vsftpd] 0 = [recidive], [pam-generic]
1 = [apache-evasive], [apache-badbots], [named-refused-udp], [named-refused-tcp] 1 = [yunohost]
2 = [postfix], [postfix-sasl], [dovecot]
3 = [nginx-http-auth]
4 = [sshd], [sshd-ddos]
5 = __F2B_ADDITIONAL_JAIL__
</desc> </desc>
graphs_per_row = 2 graphs_per_row = 2
rigid = 0 rigid = 0

View file

@ -33,6 +33,18 @@ config_nginx() {
} }
config_monitorix() { config_monitorix() {
jail_list=$(fail2ban-client status | grep 'Jail list:' | sed 's/.*Jail list://' | sed 's/,//g')
additional_jail=""
for jail in $jail_list; do
if ! [[ "$jail" =~ (recidive|pam-generic|yunohost|postfix|postfix-sasl|dovecot|nginx-http-auth|sshd|sshd-ddos) ]]; then
if [ -z "$additional_jail" ]; then
additional_jail="[$jail]"
else
additional_jail+=", [$jail]"
fi
fi
done
monitorix_conf=/etc/monitorix/monitorix.conf monitorix_conf=/etc/monitorix/monitorix.conf
cp ../conf/monitorix.conf $monitorix_conf cp ../conf/monitorix.conf $monitorix_conf
ynh_replace_string --match_string __SERVICE_PORT__ --replace_string $port --target_file $monitorix_conf ynh_replace_string --match_string __SERVICE_PORT__ --replace_string $port --target_file $monitorix_conf
@ -42,6 +54,7 @@ config_monitorix() {
ynh_replace_string --match_string __YNH_WWW_PATH__ --replace_string $path_url --target_file $monitorix_conf ynh_replace_string --match_string __YNH_WWW_PATH__ --replace_string $path_url --target_file $monitorix_conf
ynh_replace_string --match_string __MYSQL_USER__ --replace_string $dbuser --target_file $monitorix_conf ynh_replace_string --match_string __MYSQL_USER__ --replace_string $dbuser --target_file $monitorix_conf
ynh_replace_string --match_string __MYSQL_PASSWORD__ --replace_string $dbpass --target_file $monitorix_conf ynh_replace_string --match_string __MYSQL_PASSWORD__ --replace_string $dbpass --target_file $monitorix_conf
ynh_replace_string --match_string __F2B_ADDITIONAL_JAIL__ --replace_string $additional_jail --target_file $monitorix_conf
} }
set_permission() { set_permission() {