Skip to content
Extraits de code Groupes Projets
Valider dfb33f61 rédigé par Théo - Le Filament's avatar Théo - Le Filament
Parcourir les fichiers

change(fail2ban): auto setup jails to check

parent 206eb87c
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
...@@ -32,7 +32,16 @@ command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10 ...@@ -32,7 +32,16 @@ command[check_users]=/usr/lib/nagios/plugins/check_users -w 5 -c 10
command[check_version]=/usr/lib/nagios/custom-plugins/check_version.sh command[check_version]=/usr/lib/nagios/custom-plugins/check_version.sh
# Check specific processes # Check specific processes
command[check_fail2ban]=/usr/lib/nagios/custom-plugins/check_fail2ban -w 350 -c 500 {% if inventory_hostname in groups.gitlab | default([]) %}
{% set fail2ban_jails = fail2ban_jails + ['gitlab'] %}
{% endif %}
{% if inventory_hostname in groups.odoo_server | default([]) or inventory_hostname in groups.owncloud_server | default([]) or inventory_hostname in groups.gitlab | default([]) %}
{% set fail2ban_jails = fail2ban_jails + ['nginx-http-auth', 'nginx-botsearch'] %}
{% endif %}
{% if inventory_hostname in groups.docker | default([]) and inventory_hostname not in groups.docker_nextcloud | default([]) %}
{% set fail2ban_jails = fail2ban_jails + ['traefik-auth'] %}
{% endif %}
command[check_fail2ban]=/usr/lib/nagios/custom-plugins/check_fail2ban.sh {{ fail2ban_jails | join(',') }}
{% if inventory_hostname in groups.docker_gitlab | default([]) %} {% if inventory_hostname in groups.docker_gitlab | default([]) %}
command[check_procs_sshd]=/usr/lib/nagios/plugins/check_procs -w 4 -c 2: -C sshd -a -D command[check_procs_sshd]=/usr/lib/nagios/plugins/check_procs -w 4 -c 2: -C sshd -a -D
{% else %} {% else %}
......
...@@ -5,10 +5,13 @@ plugins_to_download: ...@@ -5,10 +5,13 @@ plugins_to_download:
- name: check_docker.sh - name: check_docker.sh
url: https://sources.le-filament.com/lefilament/nagios-plugin/-/raw/master/check_docker.sh url: https://sources.le-filament.com/lefilament/nagios-plugin/-/raw/master/check_docker.sh
- name: check_fail2ban - name: check_fail2ban
url: https://raw.githubusercontent.com/n1tr0-5urf3r/icinga2-scripts/master/plugins/check_fail2ban url: https://sources.le-filament.com/lefilament/nagios-plugin/-/raw/master/check_fail2ban.sh
- name: check_gitlab.rb - name: check_gitlab.rb
url: https://sources.le-filament.com/lefilament/nagios-plugin/-/raw/master/check_gitlab.rb url: https://sources.le-filament.com/lefilament/nagios-plugin/-/raw/master/check_gitlab.rb
- name: check_mem.pl - name: check_mem.pl
url: https://raw.githubusercontent.com/justintime/nagios-plugins/master/check_mem/check_mem.pl url: https://raw.githubusercontent.com/justintime/nagios-plugins/master/check_mem/check_mem.pl
- name: check_version.sh - name: check_version.sh
url: https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=1785&cf_id=24 url: https://exchange.nagios.org/components/com_mtree/attachment.php?link_id=1785&cf_id=24
fail2ban_jails:
- sshd
- recidive
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter