3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
|
# File 'manifests/config.pp', line 3
class fail2ban::config {
# Load custom jails definition
$config_custom_jails = hiera_hash('fail2ban::custom_jails', undef)
if $::fail2ban::config_dir_source {
file { 'fail2ban.dir':
ensure => $::fail2ban::config_dir_ensure,
path => $::fail2ban::config_dir_path,
force => $::fail2ban::config_dir_purge,
purge => $::fail2ban::config_dir_purge,
recurse => $::fail2ban::config_dir_recurse,
source => $::fail2ban::config_dir_source,
notify => $::fail2ban::config_file_notify,
require => $::fail2ban::config_file_require,
}
}
if $::fail2ban::config_file_path {
file { 'fail2ban.conf':
ensure => $::fail2ban::config_file_ensure,
path => $::fail2ban::config_file_path,
owner => $::fail2ban::config_file_owner,
group => $::fail2ban::config_file_group,
mode => $::fail2ban::config_file_mode,
source => $::fail2ban::config_file_source,
content => $::fail2ban::config_file_content,
notify => $::fail2ban::config_file_notify,
require => $::fail2ban::config_file_require,
}
}
# Custom jails definition
if $config_custom_jails {
create_resources('fail2ban::jail', $config_custom_jails)
}
# Operating system specific configuration
case $::operatingsystem {
/^(RedHat|CentOS|Scientific)$/: {
# Not using firewalld by now
file { '00-firewalld.conf':
ensure => 'absent',
path => "${::fail2ban::config_dir_path}/jail.d/00-firewalld.conf",
notify => $::fail2ban::config_file_notify,
require => $::fail2ban::config_file_require,
}
}
'Debian': {}
'Ubuntu': {
case $::lsbdistcodename {
# Remove debian defaults conf
'xenial': {
file { 'defaults-debian.conf':
ensure => absent,
path => "${::fail2ban::config_dir_path}/jail.d/defaults-debian.conf",
require => $::fail2ban::config_file_require,
}
}
default: {}
}
}
default: {
fail("${::operatingsystem} not supported.")
}
}
}
|