#!/usr/bin/with-contenv bash # shellcheck shell=bash if ! iptables -L &> /dev/null; then ln -sf /sbin/xtables-legacy-multi /sbin/iptables ln -sf /sbin/xtables-legacy-multi /sbin/iptables-save ln -sf /sbin/xtables-legacy-multi /sbin/iptables-restore ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-save ln -sf /sbin/xtables-legacy-multi /sbin/ip6tables-restore fi # copy/update the fail2ban config defaults to/in /config cp -R /defaults/fail2ban/filter.d /config/fail2ban/ cp -R /defaults/fail2ban/action.d /config/fail2ban/ # if jail.local is missing in /config, copy default if [[ ! -f /config/fail2ban/jail.local ]]; then cp /defaults/fail2ban/jail.local /config/fail2ban/jail.local fi # Replace fail2ban config with user config if [[ -d /etc/fail2ban/filter.d ]]; then rm -rf /etc/fail2ban/filter.d fi if [[ -d /etc/fail2ban/action.d ]]; then rm -rf /etc/fail2ban/action.d fi cp -R /config/fail2ban/filter.d /etc/fail2ban/ cp -R /config/fail2ban/action.d /etc/fail2ban/ cp /defaults/fail2ban/fail2ban.local /etc/fail2ban/ cp /config/fail2ban/jail.local /etc/fail2ban/jail.local # logfiles needed by fail2ban if [[ ! -f /config/log/nginx/error.log ]]; then touch /config/log/nginx/error.log fi if [[ ! -f /config/log/nginx/access.log ]]; then touch /config/log/nginx/access.log fi