#!/bin/bash # ============= FUTURE YUNOHOST HELPER ============= # Delete a file checksum from the app settings # # $app should be defined when calling this helper # # usage: ynh_remove_file_checksum file # | arg: file - The file for which the checksum will be deleted ynh_delete_file_checksum () { local checksum_setting_name=checksum_${1//[\/ ]/_} # Replace all '/' and ' ' by '_' ynh_app_setting_delete $app $checksum_setting_name } #================================================= # EXPERIMENTAL HELPERS #================================================= # Create a dedicated fail2ban config (jail and filter conf files) # # usage: ynh_add_fail2ban_config log_file filter [max_retry [ports]] # | arg: log_file - Log file to be checked by fail2ban # | arg: failregex - Failregex to be looked for by fail2ban # | arg: max_retry - Maximum number of retries allowed before banning IP address - default: 3 # | arg: ports - Ports blocked for a banned IP address - default: http,https ynh_add_fail2ban_config () { # Process parameters logpath=$1 failregex=$2 max_retry=${3:-3} ports=${4:-http,https} test -n "$logpath" || ynh_die "ynh_add_fail2ban_config expects a logfile path as first argument and received nothing." test -n "$failregex" || ynh_die "ynh_add_fail2ban_config expects a failure regex as second argument and received nothing." finalfail2banjailconf="/etc/fail2ban/jail.d/$app.conf" finalfail2banfilterconf="/etc/fail2ban/filter.d/$app.conf" ynh_backup_if_checksum_is_different "$finalfail2banjailconf" 1 ynh_backup_if_checksum_is_different "$finalfail2banfilterconf" 1 sudo tee $finalfail2banjailconf <&2 echo "WARNING${fail2ban_error#*WARNING}" >&2 fi } # Remove the dedicated fail2ban config (jail and filter conf files) # # usage: ynh_remove_fail2ban_config ynh_remove_fail2ban_config () { ynh_secure_remove "/etc/fail2ban/jail.d/$app.conf" ynh_secure_remove "/etc/fail2ban/filter.d/$app.conf" sudo systemctl restart fail2ban }