Make fail2ban use the journal to monitor sshd

author Tom Hughes <tom@compton.nu>

Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)

committer Tom Hughes <tom@compton.nu>

Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)
author Tom Hughes <tom@compton.nu>
Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)
committer Tom Hughes <tom@compton.nu>
Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)
diff --git a/cookbooks/fail2ban/recipes/default.rb b/cookbooks/fail2ban/recipes/default.rb

index a002fe13196fc2ff4debb663dd25392a4f30a57a..6213a381498f986e5785cf1eed89517d421a8f52 100644 (file)
--- a/cookbooks/fail2ban/recipes/default.rb
+++ b/cookbooks/fail2ban/recipes/default.rb
@@ -27,6 +27,14 @@ template "/etc/fail2ban/jail.d/00-default.conf" do
    notifies :restart, "service[fail2ban]"
  end
  
    notifies :restart, "service[fail2ban]"
  end
  
+template "/etc/fail2ban/paths-overrides.local" do
+  source "paths-overrides.local.erb"
+  owner "root"
+  group "root"
+  mode 0o644
+  notifies :restart, "service[fail2ban]"
+end
+
  service "fail2ban" do
    action [:enable, :start]
  end
  service "fail2ban" do
    action [:enable, :start]
  end
diff --git a/cookbooks/fail2ban/templates/default/paths-overrides.local.erb b/cookbooks/fail2ban/templates/default/paths-overrides.local.erb

new file mode 100644 (file)

index 0000000..7fbd19a
--- /dev/null
+++ b/cookbooks/fail2ban/templates/default/paths-overrides.local.erb
@@ -0,0 +1,4 @@
+# DO NOT EDIT - This file is being maintained by Chef
+
+[DEFAULT]
+sshd_backend = systemd
author	Tom Hughes <tom@compton.nu>
	Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)
committer	Tom Hughes <tom@compton.nu>
	Fri, 14 Feb 2020 16:29:49 +0000 (16:29 +0000)
cookbooks/fail2ban/recipes/default.rb		patch \| blob \| history
cookbooks/fail2ban/templates/default/paths-overrides.local.erb	[new file with mode: 0644]	patch \| blob