helpers2.1: simplify ynh_add_fail2ban_config: remove unecessary/unused max_retry and ports options, remove --use_template: just generate the conf on-the-fly if --failregex/--logpath are provided, or use the f2b_stuff templates otherwise

2024-09-03 20:06:10 +02:00 · 2024-06-10 13:36:00 +02:00 · 2024-06-10 13:36:00 +02:00 · 0eda746af5
commit 0eda746af5
parent 701828bf45
1 changed files with 8 additions and 17 deletions
--- a/helpers/helpers.v2.1.d/fail2ban
+++ b/helpers/helpers.v2.1.d/fail2ban
@ -2,13 +2,11 @@

 # Create a dedicated fail2ban config (jail and filter conf files)
 #
-# usage 1: ynh_add_fail2ban_config --logpath=log_file --failregex=filter [--max_retry=max_retry] [--ports=ports]
+# usage 1: ynh_add_fail2ban_config --logpath=log_file --failregex=filter
 # | arg: -l, --logpath=   - Log file to be checked by fail2ban
 # | arg: -r, --failregex= - Failregex to be looked for by fail2ban
-# | arg: -m, --max_retry= - Maximum number of retries allowed before banning IP address - default: 3
-# | arg: -p, --ports=     - Ports blocked for a banned IP address - default: http,https
 #
-# usage 2: ynh_add_fail2ban_config --use_template
+# usage 2: ynh_add_fail2ban_config
 # | arg: -t, --use_template - Use this helper in template mode
 #
 # This will use a template in `../conf/f2b_jail.conf` and `../conf/f2b_filter.conf`
@ -23,7 +21,7 @@
 #     port = http,https
 #     filter = __APP__
 #     logpath = /var/log/__APP__/logfile.log
-#     maxretry = 3
+#     maxretry = 5
 # ```
 # ```
 # f2b_filter.conf:
@ -59,30 +57,23 @@
 # Requires YunoHost version 4.1.0 or higher.
 ynh_add_fail2ban_config() {
    # ============ Argument parsing =============
-    local -A args_array=([l]=logpath= [r]=failregex= [m]=max_retry= [p]=ports= [t]=use_template)
+    local -A args_array=([l]=logpath= [r]=failregex=)
    local logpath
    local failregex
-    local max_retry
-    local ports
-    local use_template
    ynh_handle_getopts_args "$@"
-    max_retry=${max_retry:-3}
-    ports=${ports:-http,https}
-    use_template="${use_template:-0}"
    # ===========================================

-    if [ "$use_template" -ne 1 ]; then
-        # Usage 1, no template. Build a config file from scratch.
+    # If failregex is provided, Build a config file on-the-fly using $logpath and $failregex
+    if [[ -n "${failregex:-}" ]]; then
        test -n "$logpath" || ynh_die --message="ynh_add_fail2ban_config expects a logfile path as first argument and received nothing."
-        test -n "$failregex" || ynh_die --message="ynh_add_fail2ban_config expects a failure regex as second argument and received nothing."

        echo "
 [__APP__]
 enabled = true
-port = __PORTS__
+port = http,https
 filter = __APP__
 logpath = __LOGPATH__
-maxretry = __MAX_RETRY__
+maxretry = 5
 " >"$YNH_APP_BASEDIR/conf/f2b_jail.conf"

        echo "