X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/ebcef210374652b9ba99f5c325c022f273d5bf9e..b751303f4146717243f68b7befeece1f8f76e2d4:/cookbooks/fail2ban/recipes/default.rb

diff --git a/cookbooks/fail2ban/recipes/default.rb b/cookbooks/fail2ban/recipes/default.rb
index b06ea2a45..50b31d1b3 100644
--- a/cookbooks/fail2ban/recipes/default.rb
+++ b/cookbooks/fail2ban/recipes/default.rb
@@ -19,18 +19,38 @@
 
 package "fail2ban"
 
-template "/etc/fail2ban/jail.local" do
-  source "jail.erb"
+if node[:lsb][:release].to_f >= 14.04
+  file "/etc/fail2ban/jail.local" do
+    action :delete
+  end
+else
+  directory "/etc/fail2ban/jail.d" do
+    owner "root"
+    group "root"
+    mode 0o755
+  end
+
+  template "/etc/fail2ban/jail.local" do
+    source "jail.local.erb"
+    owner "root"
+    group "root"
+    mode 0o644
+    subscribes :create, "template[/etc/fail2ban/jail.d/00-default.conf]"
+    notifies :reload, "service[fail2ban]"
+  end
+end
+
+template "/etc/fail2ban/jail.d/00-default.conf" do
+  source "jail.default.erb"
   owner "root"
   group "root"
-  mode 0644
-  variables :jails => []
+  mode 0o644
+  notifies :reload, "service[fail2ban]"
 end
 
 service "fail2ban" do
   action [:enable, :start]
   supports :status => true, :reload => true, :restart => true
-  subscribes :reload, "template[/etc/fail2ban/jail.local]"
 end
 
 munin_plugin "fail2ban"