X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/722833be07c07adb4b487e1c57fb98b31c4c30f3..a68415b8f2bf106b6ea5948b0605c897b516ef4f:/cookbooks/fail2ban/recipes/default.rb?ds=sidebyside

diff --git a/cookbooks/fail2ban/recipes/default.rb b/cookbooks/fail2ban/recipes/default.rb
index 1fe3840cc..50b31d1b3 100644
--- a/cookbooks/fail2ban/recipes/default.rb
+++ b/cookbooks/fail2ban/recipes/default.rb
@@ -19,16 +19,38 @@
 
 package "fail2ban"
 
-template "/etc/fail2ban/jail.local" do
-  source "jail.erb"
+if node[:lsb][:release].to_f >= 14.04
+  file "/etc/fail2ban/jail.local" do
+    action :delete
+  end
+else
+  directory "/etc/fail2ban/jail.d" do
+    owner "root"
+    group "root"
+    mode 0o755
+  end
+
+  template "/etc/fail2ban/jail.local" do
+    source "jail.local.erb"
+    owner "root"
+    group "root"
+    mode 0o644
+    subscribes :create, "template[/etc/fail2ban/jail.d/00-default.conf]"
+    notifies :reload, "service[fail2ban]"
+  end
+end
+
+template "/etc/fail2ban/jail.d/00-default.conf" do
+  source "jail.default.erb"
   owner "root"
   group "root"
-  mode 0644
-  variables :jails => []
+  mode 0o644
+  notifies :reload, "service[fail2ban]"
 end
 
 service "fail2ban" do
-  action [ :enable, :start ]
+  action [:enable, :start]
   supports :status => true, :reload => true, :restart => true
-  subscribes :reload, "template[/etc/fail2ban/jail.local]"
 end
+
+munin_plugin "fail2ban"