Add logrotate

[perso/Immae/Projets/Puppet.git] / modules / base_configuration / manifests / init.pp

diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
index 4c6ca1e155cd5d210644aade25a239ea74322aaf..2b20a0e89908e0aabc688d5690a8eaa1ea271dfb 100644 (file)
--- a/modules/base_configuration/manifests/init.pp
+++ b/modules/base_configuration/manifests/init.pp
@@ -49,4 +49,61 @@ class base_configuration (
         'Subsystem'                       => 'sftp /usr/lib/openssh/sftp-server',
      }
   }
+
+  class { 'pacman':
+    color => true,
+  }
+
+  pacman::repo { 'multilib':
+    order   => 15,
+    include => '/etc/pacman.d/mirrorlist'
+  }
+
+  class { '::logrotate':
+    manage_cron_daily => false,
+    config => {
+      rotate_every => 'week',
+      rotate       => 4,
+      create       => true,
+      compress     => true,
+      olddir       => '/var/log/old',
+      tabooext     => "+ .pacorig .pacnew .pacsave",
+    }
+  }
+
+  logrotate::rule { 'wtmp':
+    path         => '/var/log/wtmp',
+    rotate_every => 'month',
+    create       => true,
+    create_mode  => '0664',
+    create_owner => 'root',
+    create_group => 'utmp',
+    rotate       => '1',
+    minsize      => '1M',
+  }
+  logrotate::rule { 'btmp':
+    path         => '/var/log/btmp',
+    missingok    => true,
+    rotate_every => 'month',
+    create       => true,
+    create_mode  => '0600',
+    create_owner => 'root',
+    create_group => 'utmp',
+    rotate       => '1',
+  }
+
+  ensure_packages(["whois"], { 'install_options' => '--asdeps' })
+  class { 'fail2ban':
+    logtarget => 'SYSLOG',
+    backend   => 'systemd'
+  }
+  fail2ban::jail { 'sshd':
+    backend  => 'systemd',
+    port     => 'ssh',
+    filter   => 'sshd',
+    maxretry => 10,
+    bantime  => 86400,
+    logpath  => '',
+    order    => 10
+  }
 }