a2748ba201
- /home/dot_config/nvim-custom/run_onchanges_after_symlink-custom.tmpl - /home/dot_local/bin/run_onchange_ensure-executable.tmpl - /home/dot_local/share/ansible/run_onchange_after_symlink-ansible-configs.tmpl - /home/Library/Fonts/run_onchange_after_add-fonts.tmpl - /home/private_dot_ssh/fail2ban/run_onchange_after_fail2ban.tmpl - /home/private_dot_ssh/system/run_onchange_after_sshd.tmpl - /home/private_dot_ssh/endlessh/run_onchange_after_endlessh.tmpl - /home/private_dot_ssh/run_onchanges_after_decrypt-ssh-keys.tmpl - /home/private_dot_ssh/run_onchanges_after_ensure-private-key.tmpl - /home/private_dot_ssh/run_onchanges_after_generate-public-keys.tmpl - /home/.chezmoiscripts/run_onchanges_after_symlink-custom.tmpl - /home/.chezmoiscripts/run_onchange_ensure-executable.tmpl - /home/.chezmoiscripts/run_onchange_after_symlink-ansible-configs.tmpl - /home/.chezmoiscripts/run_onchange_after_add-fonts.tmpl - /home/.chezmoiscripts/run_onchange_after_fail2ban.tmpl - /home/.chezmoiscripts/run_onchange_after_sshd.tmpl - /home/.chezmoiscripts/run_onchange_after_endlessh.tmpl - /home/.chezmoiscripts/run_onchanges_after_decrypt-ssh-keys.tmpl - /home/.chezmoiscripts/run_onchanges_after_ensure-private-key.tmpl - /home/.chezmoiscripts/run_onchanges_after_generate-public-keys.tmpl
41 lines
1.5 KiB
Cheetah
41 lines
1.5 KiB
Cheetah
{{- if eq .host.distro.family "linux" -}}
|
|
#!/usr/bin/env bash
|
|
|
|
# jail.local hash: {{- include (joinPath .host.home ".ssh" "fail2ban" "jail.local") | sha256sum -}}
|
|
|
|
{{ includeTemplate "universal/profile" }}
|
|
{{ includeTemplate "universal/logg" }}
|
|
|
|
### Restart fail2ban
|
|
function restartFail2Ban() {
|
|
if [ -d /Applications ] && [ -d /System ]; then
|
|
# macOS
|
|
logg info 'Enabling the `fail2ban` Homebrew service'
|
|
brew services start fail2ban
|
|
else
|
|
# Linux
|
|
logg info 'Enabling the `fail2ban` service'
|
|
sudo systemctl enable fail2ban
|
|
logg info 'Restarting the `fail2ban` service'
|
|
sudo systemctl restart fail2ban
|
|
fi
|
|
}
|
|
|
|
### Update the jail.local file if environment is not WSL
|
|
if [[ ! "$(test -d /proc && grep Microsoft /proc/version > /dev/null)" ]]; then
|
|
if [ -d /etc/fail2ban ]; then
|
|
logg info 'Copying ~/.ssh/fail2ban/jail.local to /etc/fail2ban/jail.local'
|
|
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /etc/fail2ban/jail.local
|
|
restartFail2Ban
|
|
elif [ -d /usr/local/etc/fail2ban ]; then
|
|
logg info 'Copying ~/.ssh/fail2ban/jail.local to /usr/local/etc/fail2ban/jail.local'
|
|
sudo cp -f "$HOME/.ssh/fail2ban/jail.local" /usr/local/etc/fail2ban/jail.local
|
|
restartFail2Ban
|
|
else
|
|
logg warn 'Both the /etc/fail2ban (Linux) and the /usr/local/etc/fail2ban (macOS) folder do not exist'
|
|
fi
|
|
else
|
|
logg info 'Skipping sshd_config application since environment is WSL'
|
|
fi
|
|
|
|
{{ end -}}
|