Merge branch 'joeyconfig'

author: Joey Hess <joeyh@joeyh.name> 2015-11-30 13:34:18 -0400
committer: Joey Hess <joeyh@joeyh.name> 2015-11-30 13:34:18 -0400
commit: d6d63ff095e6584e5a28eb39139f1cd7e83534d3 (patch)
tree: 5f6f4a94f4f73825d4c08cfc5ff252e6416445d5 /src/Propellor/Property/Fail2Ban.hs
parent: 703c08cd618ec3d0f299b1f715e0ebfb7233ea09 (diff)
parent: b82390983dd285e18df43c979d909331f44a01da (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/src/Propellor/Property/Fail2Ban.hs b/src/Propellor/Property/Fail2Ban.hs
new file mode 100644
index 00000000..716d376f
--- /dev/null
+++ b/src/Propellor/Property/Fail2Ban.hs
@@ -0,0 +1,30 @@
+module Propellor.Property.Fail2Ban where
+
+import Propellor.Base
+import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.Service as Service
+import Propellor.Property.ConfFile
+
+installed :: Property NoInfo
+installed = Apt.serviceInstalledRunning "fail2ban"
+
+reloaded :: Property NoInfo
+reloaded = Service.reloaded "fail2ban"
+
+type Jail = String
+
+-- | By default, fail2ban only enables the ssh jail, but many others
+-- are available to be enabled, for example "postfix-sasl"
+jailEnabled :: Jail -> Property NoInfo
+jailEnabled name = jailConfigured name "enabled" "true"
+	`onChange` reloaded
+
+-- | Configures a jail. For example:
+--
+-- > jailConfigured "sshd" "port" "2222"
+jailConfigured :: Jail -> IniKey -> String -> Property NoInfo
+jailConfigured name key value = 
+	jailConfFile name `containsIniSetting` (name, key, value)
+
+jailConfFile :: Jail -> FilePath
+jailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".conf"
author	Joey Hess <joeyh@joeyh.name>	2015-11-30 13:34:18 -0400
committer	Joey Hess <joeyh@joeyh.name>	2015-11-30 13:34:18 -0400
commit	d6d63ff095e6584e5a28eb39139f1cd7e83534d3 (patch)
tree	5f6f4a94f4f73825d4c08cfc5ff252e6416445d5 /src/Propellor/Property/Fail2Ban.hs
parent	703c08cd618ec3d0f299b1f715e0ebfb7233ea09 (diff)
parent	b82390983dd285e18df43c979d909331f44a01da (diff)