docker-swag/root/etc/s6-overlay/s6-rc.d/init-fail2ban-config/run

39 lines
1.3 KiB
Plaintext
Raw Normal View History

#!/usr/bin/with-contenv bash
2022-11-22 15:55:25 -05:00
# shellcheck shell=bash
if ! iptables -L &> /dev/null; then
ln -sf /sbin/xtables-legacy-multi /sbin/iptables
ln -sf /sbin/xtables-legacy-multi /sbin/iptables-save
ln -sf /sbin/xtables-legacy-multi /sbin/iptables-restore
ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables
ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-save
ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-restore
fi
# copy/update the fail2ban config defaults to/in /config
cp -R /defaults/fail2ban/filter.d /config/fail2ban/
cp -R /defaults/fail2ban/action.d /config/fail2ban/
# if jail.local is missing in /config, copy default
if [[ ! -f /config/fail2ban/jail.local ]]; then
cp /defaults/fail2ban/jail.local /config/fail2ban/jail.local
fi
# Replace fail2ban config with user config
if [[ -d /etc/fail2ban/filter.d ]]; then
rm -rf /etc/fail2ban/filter.d
fi
if [[ -d /etc/fail2ban/action.d ]]; then
rm -rf /etc/fail2ban/action.d
fi
cp -R /config/fail2ban/filter.d /etc/fail2ban/
cp -R /config/fail2ban/action.d /etc/fail2ban/
cp /defaults/fail2ban/fail2ban.local /etc/fail2ban/
cp /config/fail2ban/jail.local /etc/fail2ban/jail.local
# logfiles needed by fail2ban
if [[ ! -f /config/log/nginx/error.log ]]; then
touch /config/log/nginx/error.log
fi
if [[ ! -f /config/log/nginx/access.log ]]; then
touch /config/log/nginx/access.log
fi