cyplo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add fail2ban for fedora (#127)

Browse source
This commit is contained in:
Cyryl Płotnicki 2017-08-05 20:47:49 +02:00 committed by GitHub
parent 43c16d3084
commit 5b1a9ccaaf
2 changed files with 8 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
fedora/configure_fresh_system.sh
View file

@ -6,7 +6,7 @@ if [[ -z $NOUPGRADE ]]; then
sudo dnf -y upgrade sudo dnf -y upgrade
fi fi
sudo dnf -y --best --allowerasing install tmux atop zsh thunderbird thunderbird-enigmail thunderbird-lightning firefox aria2 gajim lm_sensors freecad python3-pip qt5-qtbase-devel qt5-qtwebkit-devel meld whois curl pv nodejs npm terminator gsmartcontrol python-pip mercurial python3-devel libxslt-devel libjpeg-turbo-devel conky conky-manager cmake gtk2-devel intltool gparted wine solaar glances the_silver_searcher dkms kernel-devel gimp transmission-gtk git xz util-linux-user powertop dnf-automatic kdiff3 yum-utils util-linux-user ncurses-devel zeal qt5-linguist qtkeychain-qt5-devel archivemount keepass splix gutenprint-cups cups-bjnp golang redhat-rpm-config docker pcsc-lite-devel pcsc-tools pcsc-lite yubico-piv-tool yubikey-personalization-gui xloadimage yp-tools closure-compiler optipng jpegoptim grub2 grub2-efi dracut dracut-tools openssl-devel sudo dnf -y --best --allowerasing install tmux atop zsh thunderbird thunderbird-enigmail thunderbird-lightning firefox aria2 gajim lm_sensors freecad python3-pip qt5-qtbase-devel qt5-qtwebkit-devel meld whois curl pv nodejs npm terminator gsmartcontrol python-pip mercurial python3-devel libxslt-devel libjpeg-turbo-devel conky conky-manager cmake gtk2-devel intltool gparted wine solaar glances the_silver_searcher dkms kernel-devel gimp transmission-gtk git xz util-linux-user powertop dnf-automatic kdiff3 yum-utils util-linux-user ncurses-devel zeal qt5-linguist qtkeychain-qt5-devel archivemount keepass splix gutenprint-cups cups-bjnp golang redhat-rpm-config docker pcsc-lite-devel pcsc-tools pcsc-lite yubico-piv-tool yubikey-personalization-gui xloadimage yp-tools closure-compiler optipng jpegoptim grub2 grub2-efi dracut dracut-tools openssl-devel fail2ban
sudo dnf -y groupinstall "C Development Tools and Libraries" sudo dnf -y groupinstall "C Development Tools and Libraries"
sudo dnf -y groupinstall "Development Tools" sudo dnf -y groupinstall "Development Tools"
@ -18,6 +18,7 @@ sudo cp -v $DIR/etc/dnf/automatic.conf /etc/dnf/automatic.conf
sudo cp -v $DIR/etc/ld.so.conf.d/nextcloud.conf /etc/ld.so.conf.d/nextcloud.conf sudo cp -v $DIR/etc/ld.so.conf.d/nextcloud.conf /etc/ld.so.conf.d/nextcloud.conf
sudo cp -v $DIR/etc/sysctl.d/90_swapiness.conf /etc/sysctl.d/ sudo cp -v $DIR/etc/sysctl.d/90_swapiness.conf /etc/sysctl.d/
sudo cp -v $DIR/etc/sysctl.d/91_inotify_limit.conf /etc/sysctl.d/ sudo cp -v $DIR/etc/sysctl.d/91_inotify_limit.conf /etc/sysctl.d/
sudo cp -v $DIR/etc/fail2ban/jail.d/01-sshd.conf /etc/fail2ban/jail.d/
sudo ldconfig sudo ldconfig
set +e set +e
@ -47,10 +48,12 @@ else
fi fi
if [[ -z $NO_SYSTEMCTL ]]; then if [[ -z $NO_SYSTEMCTL ]]; then
sudo systemctl enable dnf-automatic-install.timer
sudo systemctl start dnf-automatic-install.timer
sudo systemctl enable docker sudo systemctl enable docker
sudo systemctl restart docker sudo systemctl restart docker
sudo systemctl enable fail2ban
sudo systemctl restart fail2ban
sudo systemctl enable dnf-automatic-install.timer
sudo systemctl restart dnf-automatic-install.timer
sudo systemctl enable fstrim.timer sudo systemctl enable fstrim.timer
sudo systemctl restart fstrim.timer sudo systemctl restart fstrim.timer
sudo systemctl list-timers sudo systemctl list-timers

2
fedora/etc/fail2ban/jail.d/01-sshd.conf Normal file
View file

@ -0,0 +1,2 @@
[sshd]
enabled = true