From a37e5d7a961b6f6373c4f91e6c114d81e2e3261b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Isma=C3=ABl=20Bouya?= <ismael.bouya@normalesup.org>
Date: Wed, 10 Aug 2016 13:27:09 +0200
Subject: Add fail2ban

---
 modules/base_configuration/manifests/init.pp | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'modules/base_configuration')

diff --git a/modules/base_configuration/manifests/init.pp b/modules/base_configuration/manifests/init.pp
index dca17b3..f432e29 100644
--- a/modules/base_configuration/manifests/init.pp
+++ b/modules/base_configuration/manifests/init.pp
@@ -58,4 +58,19 @@ class base_configuration (
     order   => 15,
     include => '/etc/pacman.d/mirrorlist'
   }
+
+  ensure_packages(["whois"], { 'install_options' => '--asdeps' })
+  class { 'fail2ban':
+    logtarget => 'SYSLOG',
+    backend   => 'systemd'
+  }
+  fail2ban::jail { 'sshd':
+    backend  => 'systemd',
+    port     => 'ssh',
+    filter   => 'sshd',
+    maxretry => 10,
+    bantime  => 86400,
+    logpath  => '',
+    order    => 10
+  }
 }
-- 
cgit v1.2.3