module Propellor.Property.Fail2Ban where
import Propellor.Base
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Service as Service
import Propellor.Property.ConfFile
installed :: Property DebianLike
installed = Apt.serviceInstalledRunning "fail2ban"
reloaded :: Property DebianLike
reloaded = Service.reloaded "fail2ban"
type Jail = String
type Filter = String
type Action = String
jailEnabled :: Jail -> Property DebianLike
jailEnabled name = jailEnabled' name []
`onChange` reloaded
jailEnabled' :: Jail -> [(IniKey, String)] -> Property DebianLike
jailEnabled' name settings =
jailConfigured' name (("enabled", "true") : settings)
`onChange` reloaded
jailConfigured' :: Jail -> [(IniKey, String)] -> Property UnixLike
jailConfigured' name settings = propertyList ("jail \"" ++ name ++ "\" configuration") $ props
& File.notPresent (oldJailConfFile name)
& jailConfFile name `iniFileContains` [(name, settings)]
jailConfigured :: Jail -> IniKey -> String -> Property UnixLike
jailConfigured name key value = propertyList ("jail \"" ++ name ++ "\" configuration") $ props
& File.notPresent (oldJailConfFile name)
& jailConfFile name `containsIniSetting` (name, key, value)
oldJailConfFile :: Jail -> FilePath
oldJailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".conf"
jailConfFile :: Jail -> FilePath
jailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".local"
filterConfFile :: Filter -> FilePath
filterConfFile name = "/etc/fail2ban/filter.d/" ++ name ++ ".local"
actionConfFile :: Action -> FilePath
actionConfFile name = "/etc/fail2ban/action.d/" ++ name ++ ".local"