]> git.immae.eu Git - perso/Immae/Projets/Puppet.git/blobdiff - modules/base_configuration/manifests/init.pp
projects / perso / Immae / Projets / Puppet.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Add fail2ban
[perso/Immae/Projets/Puppet.git] / modules / base_configuration / manifests / init.pp
diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
index dca17b34965cb39e09f0dea873b12e44709253d8..f432e293b0f6d2c142bb792d36e83a2e3d6a58d1 100644 (file)
--- a/modules/base_configuration/manifests/init.pp
+++ b/modules/base_configuration/manifests/init.pp
@@ -58,4 +58,19 @@ class base_configuration (
     order   => 15,
     include => '/etc/pacman.d/mirrorlist'
   }
+
+  ensure_packages(["whois"], { 'install_options' => '--asdeps' })
+  class { 'fail2ban':
+    logtarget => 'SYSLOG',
+    backend   => 'systemd'
+  }
+  fail2ban::jail { 'sshd':
+    backend  => 'systemd',
+    port     => 'ssh',
+    filter   => 'sshd',
+    maxretry => 10,
+    bantime  => 86400,
+    logpath  => '',
+    order    => 10
+  }
 }
My infrastructure configuration - Deprecated, replaced with Nix