From d6c2e9deaaeb0676521a0fbe0b23b875329b3b85 Mon Sep 17 00:00:00 2001 From: "Adam D. Barratt" Date: Sun, 20 Oct 2019 12:45:59 +0100 Subject: [PATCH] fail2ban: lint fixes Signed-off-by: Adam D. Barratt --- modules/fail2ban/manifests/exim.pp | 10 ++++++---- modules/fail2ban/manifests/init.pp | 10 +++++++--- modules/fail2ban/manifests/postfix.pp | 6 ++++-- 3 files changed, 17 insertions(+), 9 deletions(-) diff --git a/modules/fail2ban/manifests/exim.pp b/modules/fail2ban/manifests/exim.pp index 96c9561f8..4279091a1 100644 --- a/modules/fail2ban/manifests/exim.pp +++ b/modules/fail2ban/manifests/exim.pp @@ -1,18 +1,20 @@ +# exim-specific fail2ban setup +# class fail2ban::exim inherits fail2ban { file { '/etc/fail2ban/filter.d/dsa-exim.conf': source => 'puppet:///modules/fail2ban/filter/dsa-exim.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } file { '/etc/fail2ban/jail.d/dsa-exim.conf': source => 'puppet:///modules/fail2ban/jail/dsa-exim.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } file { '/etc/fail2ban/filter.d/dsa-exim-strict.conf': source => 'puppet:///modules/fail2ban/filter/dsa-exim-strict.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } file { '/etc/fail2ban/jail.d/dsa-exim-strict.conf': source => 'puppet:///modules/fail2ban/jail/dsa-exim-strict.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } } diff --git a/modules/fail2ban/manifests/init.pp b/modules/fail2ban/manifests/init.pp index f4f7b9fd0..b85b0091d 100644 --- a/modules/fail2ban/manifests/init.pp +++ b/modules/fail2ban/manifests/init.pp @@ -1,3 +1,7 @@ +# fail2ban setup +# +# Checks that are only used on particular systems are defined elsewhere, +# generally in subclasses. class fail2ban { package { 'fail2ban': ensure => installed, @@ -9,7 +13,7 @@ class fail2ban { file { '/etc/fail2ban/jail.d/dsa-00-default.conf': source => 'puppet:///modules/fail2ban/jail/dsa-00-default.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } ferm::conf { 'f2b': @@ -37,8 +41,8 @@ class fail2ban { # XXX Maybe this will be automatically done in buster, it is certainly needed in stretch. So maybe: versioncmp($::lsbmajdistrelease, '9') <= 0 concat::fragment { 'puppet-crontab--fail2ban-cleanup': - target => '/etc/cron.d/puppet-crontab', - content => @(EOF) + target => '/etc/cron.d/puppet-crontab', + content => @(EOF) 17 * * * * root chronic python3 -c "import sys, logging; logging.basicConfig(stream=sys.stdout, level=logging.INFO); from fail2ban.server.database import Fail2BanDb; db = Fail2BanDb('/var/lib/fail2ban/fail2ban.sqlite3'); db.purge(); db._db.cursor().execute('VACUUM')" | EOF } diff --git a/modules/fail2ban/manifests/postfix.pp b/modules/fail2ban/manifests/postfix.pp index 4b545660d..f6f5f688f 100644 --- a/modules/fail2ban/manifests/postfix.pp +++ b/modules/fail2ban/manifests/postfix.pp @@ -1,10 +1,12 @@ +# postfix-specific fail2ban setup +# class fail2ban::postfix inherits fail2ban { file { '/etc/fail2ban/filter.d/dsa-postfix.conf': source => 'puppet:///modules/fail2ban/filter/dsa-postfix.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } file { '/etc/fail2ban/jail.d/dsa-postfix.conf': source => 'puppet:///modules/fail2ban/jail/dsa-postfix.conf', - notify => Service['fail2ban'], + notify => Service['fail2ban'], } } -- 2.20.1