From db12dfeda30c74e523aa659e04bc58a52926c9fe Mon Sep 17 00:00:00 2001 From: Zhang Huangbin Date: Tue, 5 May 2020 11:43:05 +0800 Subject: [PATCH] iRedMail now supports Ubuntu 20.04 LTS with MariaDB and PostgreSQL backends. --- ChangeLog | 4 ++ conf/dovecot | 14 ++-- conf/fail2ban | 3 + conf/global | 2 +- conf/php | 7 +- conf/postgresql | 7 +- dialog/web_applications.sh | 7 +- functions/fail2ban.sh | 34 +++++++++ functions/iredadmin.sh | 5 ++ functions/iredapd.sh | 4 +- functions/packages.sh | 69 +++++++++++++++---- samples/fail2ban/jail.d/dovecot.local | 2 +- .../fail2ban/jail.d/postfix-pregreet.local | 6 +- samples/fail2ban/jail.d/postfix.local | 2 +- samples/fail2ban/jail.d/roundcube.local | 2 +- samples/fail2ban/jail.d/sogo.local | 2 +- samples/freebsd/syslog.d/fail2ban.conf | 2 + samples/netdata/netdata.conf | 3 +- samples/rsyslog.d/1-iredmail-fail2ban.conf | 2 + 19 files changed, 142 insertions(+), 35 deletions(-) create mode 100644 samples/freebsd/syslog.d/fail2ban.conf create mode 100755 samples/rsyslog.d/1-iredmail-fail2ban.conf diff --git a/ChangeLog b/ChangeLog index e23b6242..bc84568f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +iRedMail-1.2.2: + * Supports new distribution release: + + Ubuntu 20.04 + iRedMail-1.2.1: * Switch self-signed ssl cert key length to 4096. * Swith DKIM key length to 2048. diff --git a/conf/dovecot b/conf/dovecot index 4c76c589..b6dc783d 100644 --- a/conf/dovecot +++ b/conf/dovecot @@ -25,7 +25,7 @@ # ---------------------------------------- # Major version number of Dovecot package: 2.2, 2.3. -export DOVECOT_VERSION='2.2' +export DOVECOT_VERSION='2.3' # Dovecot user & group. export SYS_USER_DOVECOT='dovecot' @@ -72,20 +72,22 @@ export DOVECOT_SYSLOG_FILE_SIEVE="${DOVECOT_LOG_DIR}/sieve.log" # Log rotate config file export DOVECOT_LOGROTATE_FILE="${LOGROTATE_DIR}/dovecot" -if [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then +if [ X"${DISTRO}" == X'RHEL' ]; then + export DOVECOT_VERSION='2.2' +elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then export DOVECOT_DELIVER_BIN='/usr/lib/dovecot/deliver' - # Debian 10 - [ X"${DISTRO_CODENAME}" == X'buster' ] && export DOVECOT_VERSION='2.3' + # Debian 9, Ubuntu 18.04. + if [ X"${DISTRO_CODENAME}" == X'stretch' -o X"${DISTRO_CODENAME}" == X'bionic' ]; then + export DOVECOT_VERSION='2.2' + fi elif [ X"${DISTRO}" == X'FREEBSD' ]; then - export DOVECOT_VERSION='2.3' export DOVECOT_CONF_DIR='/usr/local/etc/dovecot' export DOVECOT_DELIVER_BIN='/usr/local/libexec/dovecot/deliver' export DOVECOT_DOVEADM_BIN='/usr/local/bin/doveadm' export DOVECOT_CONF_INCLUDE_DIR='/usr/local/etc/dovecot/iredmail' elif [ X"${DISTRO}" == X'OPENBSD' ]; then - export DOVECOT_VERSION='2.3' export SYS_USER_DOVECOT='_dovecot' export SYS_GROUP_DOVECOT='_dovecot' export DOVECOT_DELIVER_BIN='/usr/local/libexec/dovecot/deliver' diff --git a/conf/fail2ban b/conf/fail2ban index d128078a..ae1841ea 100644 --- a/conf/fail2ban +++ b/conf/fail2ban @@ -42,6 +42,9 @@ export FAIL2BAN_FILTER_DOVECOT="dovecot.iredmail" export FAIL2BAN_DISABLED_SERVICES="${PORT_HTTP},${HTTPS_PORT},25,587,465,110,995,143,993,${MANAGESIEVE_PORT}" +export FAIL2BAN_LOG_FILE='/var/log/fail2ban.log' +export FAIL2BAN_SYSLOG_FACILITY='daemon' + # Firewall command (fail2ban/action.d/[NAME].conf) if [ X"${KERNEL_NAME}" == X'LINUX' ]; then export FAIL2BAN_ACTION='iptables-multiport' diff --git a/conf/global b/conf/global index bf554fff..4724df37 100644 --- a/conf/global +++ b/conf/global @@ -22,7 +22,7 @@ export PROG_NAME='iRedMail' export PROG_NAME_LOWERCASE='iredmail' -export PROG_VERSION='1.2.1' +export PROG_VERSION='1.2.2' export DATE="$(/bin/date +%Y.%m.%d.%H.%M.%S)" diff --git a/conf/php b/conf/php index aa946248..f8fa2714 100644 --- a/conf/php +++ b/conf/php @@ -47,9 +47,12 @@ elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then elif [ X"${DISTRO_CODENAME}" == X'buster' ]; then # Debian 10 export PHP_VERSION='7.3' - else - # Ubuntu 18.04, 19.04 + elif [ X"${DISTRO_CODENAME}" == X'bionic' ]; then + # Ubuntu 18.04 export PHP_VERSION='7.2' + else + # Ubuntu 20.04 + export PHP_VERSION='7.4' fi export PHP_INI="/etc/php/${PHP_VERSION}/fpm/php.ini" diff --git a/conf/postgresql b/conf/postgresql index 1458d74c..95fb6637 100644 --- a/conf/postgresql +++ b/conf/postgresql @@ -45,9 +45,12 @@ elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then elif [ X"${DISTRO_CODENAME}" == X'bionic' ]; then # Ubuntu 18.04 export PGSQL_VERSION='10' - else - # Debian 10, Ubuntu 19.04 + elif [ X"${DISTRO_CODENAME}" == X'buster' ]; then + # Debian 10 export PGSQL_VERSION='11' + else + # Ubuntu 20.04 + export PGSQL_VERSION='12' fi export PGSQL_USER_HOMEDIR='/var/lib/postgresql' diff --git a/dialog/web_applications.sh b/dialog/web_applications.sh index f19817bf..95bbd973 100644 --- a/dialog/web_applications.sh +++ b/dialog/web_applications.sh @@ -33,8 +33,11 @@ if [ X"${DISABLE_WEB_SERVER}" != X'YES' ]; then export DIALOG_SELECTABLE_SOGO='YES' fi - # SOGo team doesn't offer binary packages for CentOS 8 (yet). - [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ] && export DIALOG_SELECTABLE_SOGO='NO' + # SOGo team doesn't offer binary packages for CentOS 8 and Ubuntu 20.04 (yet). + if [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ] || + [ X"${DISTRO}" == X'UBUNTU' -a X"${DISTRO_CODENAME}" == X'focal' ]; then + export DIALOG_SELECTABLE_SOGO='NO' + fi if [ X"${DISTRO}" == X'OPENBSD' ]; then # OpenBSD doesn't have 'libuuid' which required by netdata diff --git a/functions/fail2ban.sh b/functions/fail2ban.sh index 1f371603..5cb9b7a1 100644 --- a/functions/fail2ban.sh +++ b/functions/fail2ban.sh @@ -145,9 +145,43 @@ fail2ban_config() { echo 'export status_fail2ban_config="DONE"' >> ${STATUS_FILE} } +fail2ban_syslog_setup() { + ECHO_DEBUG "Generate modular syslog and log rotate config files for Fail2ban." + if [ X"${KERNEL_NAME}" == X'LINUX' ]; then + cp ${SAMPLE_DIR}/rsyslog.d/1-iredmail-fail2ban.conf ${SYSLOG_CONF_DIR} + perl -pi -e 's#PH_FAIL2BAN_LOG_FILE#$ENV{FAIL2BAN_LOG_FILE}#g' ${SYSLOG_CONF_DIR}/1-iredmail-fail2ban.conf + + touch ${FAIL2BAN_LOG_FILE} + chown ${SYS_USER_SYSLOG}:${SYS_GROUP_SYSLOG} ${FAIL2BAN_LOG_FILE} + chmod 0640 ${FAIL2BAN_LOG_FILE} + elif [ X"${KERNEL_NAME}" == X'FREEBSD' ]; then + cp -f ${SAMPLE_DIR}/freebsd/syslog.d/fail2ban.conf ${SYSLOG_CONF_DIR} >> ${INSTALL_LOG} 2>&1 + perl -pi -e 's#PH_FAIL2BAN_SYSLOG_FACILITY#$ENV{FAIL2BAN_SYSLOG_FACILITY}#g' ${SYSLOG_CONF_DIR}/fail2ban.conf + perl -pi -e 's#PH_FAIL2BAN_LOG_FILE#$ENV{FAIL2BAN_LOG_FILE}#g' ${SYSLOG_CONF_DIR}/fail2ban.conf + elif [ X"${KERNEL_NAME}" == X'OPENBSD' ]; then + if ! grep "${FAIL2BAN_LOG_FILE}" ${SYSLOG_CONF} &>/dev/null; then + # '!!' means abort further evaluation after first match + echo '' >> ${SYSLOG_CONF} + echo '!!fail2ban' >> ${SYSLOG_CONF} + echo "${FAIL2BAN_SYSLOG_FACILITY}.* ${FAIL2BAN_LOG_FILE}" >> ${SYSLOG_CONF} + fi + + if ! grep "${FAIL2BAN_LOG_FILE}" /etc/newsyslog.conf &>/dev/null; then + cat >> /etc/newsyslog.conf <> ${STATUS_FILE} +} + fail2ban_setup() { ECHO_INFO "Configure Fail2ban (authentication failure monitor)." check_status_before_run fail2ban_initialize_db check_status_before_run fail2ban_config + check_status_before_run fail2ban_syslog_setup + + echo 'export status_fail2ban_setup="DONE"' >> ${STATUS_FILE} } diff --git a/functions/iredadmin.sh b/functions/iredadmin.sh index 29ffa196..e8fb044d 100644 --- a/functions/iredadmin.sh +++ b/functions/iredadmin.sh @@ -241,6 +241,11 @@ iredadmin_rc_setup() perl -pi -e 's#^(uwsgi-socket).*#${1} = $ENV{IREDADMIN_BIND_ADDRESS}:$ENV{IREDADMIN_LISTEN_PORT}#g' ${IREDADMIN_HTTPD_ROOT}/rc_scripts/uwsgi/rhel.ini perl -pi -e 's#^(chdir).*#${1} = $ENV{IREDADMIN_HTTPD_ROOT_SYMBOL_LINK}#g' ${IREDADMIN_HTTPD_ROOT}/rc_scripts/uwsgi/rhel.ini elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then + if [ X"${DISTRO_CODENAME}" == X'focal' ]; then + # Fix path to uwsgi. + perl -pi -e 's#/usr/bin/uwsgi#/usr/local/bin/uwsgi#g' ${IREDADMIN_HTTPD_ROOT}/rc_scripts/systemd/debian.service + fi + cp -f ${IREDADMIN_HTTPD_ROOT}/rc_scripts/systemd/debian.service ${SYSTEMD_SERVICE_DIR}/iredadmin.service chmod 0644 ${SYSTEMD_SERVICE_DIR}/iredadmin.service diff --git a/functions/iredapd.sh b/functions/iredapd.sh index 50936456..05325bf9 100644 --- a/functions/iredapd.sh +++ b/functions/iredapd.sh @@ -219,7 +219,9 @@ iredapd_config() # mlmmjadmin integration. perl -pi -e 's#^(mlmmjadmin_api_auth_token).*#${1} = "$ENV{MLMMJADMIN_API_AUTH_TOKEN}"#' ${IREDAPD_CONF} - if [[ X"${DISTRO}" == X'RHEL' ]] && [[ X"${DISTRO_VERSION}" == X'8' ]]; then + # Use pymysql on CentOS 8, Ubuntu 20.04 + if [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ] || \ + [ X"${DISTRO}" == X'UBUNTU' -a X"${DISTRO_CODENAME}" == X'focal' ]; then if [[ X"${BACKEND}" == X'OPENLDAP' ]] || [[ X"${BACKEND}" == X'MYSQL' ]]; then echo "SQL_DB_DRIVER = 'pymysql'" >> ${IREDAPD_CONF} fi diff --git a/functions/packages.sh b/functions/packages.sh index 5bcdcb8c..970560d3 100644 --- a/functions/packages.sh +++ b/functions/packages.sh @@ -65,6 +65,8 @@ install_all() if [ X"${DISTRO}" == X'RHEL' ]; then ALL_PKGS="${ALL_PKGS} rsyslog firewalld" PIP2_MODULES="${PIP2_MODULES} web.py==0.51 pycurl uwsgi netifaces" + elif [ X"${DISTRO}" == X'UBUNTU' -a X"${DISTRO_CODENAME}" == X'focal' ]; then + PIP2_MODULES="${PIP2_MODULES} web.py==0.51 uwsgi netifaces" fi fi @@ -118,7 +120,17 @@ install_all() fi fi elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then - ALL_PKGS="${ALL_PKGS} postfix-ldap slapd ldap-utils libnet-ldap-perl libdbd-mysql-perl mariadb-server mariadb-client" + ALL_PKGS="${ALL_PKGS} slapd ldap-utils libnet-ldap-perl libdbd-mysql-perl mariadb-server mariadb-client" + + if [ X"${DISTRO_CODENAME}" == X'stretch' \ + -o X"${DISTRO_CODENAME}" == X'buster' \ + -o X"${DISTRO_CODENAME}" == X'bionic' ]; then + # Debian, Ubuntu 18.04 + ALL_PKGS="${ALL_PKGS} postfix-ldap" + else + # Ubuntu 20.04+ + PIP2_MODULES="${PIP2_MODULES} python-ldap==3.2.0" + fi elif [ X"${DISTRO}" == X'OPENBSD' ]; then ALL_PKGS="${ALL_PKGS} openldap-server${OB_PKG_OPENLDAP_SERVER_VER}" PKG_SCRIPTS="${PKG_SCRIPTS} ${OPENLDAP_RC_SCRIPT_NAME}" @@ -367,6 +379,8 @@ EOF if [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ]; then ALL_PKGS="${ALL_PKGS} gcc libcurl-devel openssl-devel python2-devel python2-pip" [ X"${BACKEND}" == X'OPENLDAP' ] && ALL_PKGS="${ALL_PKGS} openldap-devel" + elif [ X"${DISTRO}" == X'UBUNTU' -a X"${DISTRO_CODENAME}" != X'bionic' ]; then + ALL_PKGS="${ALL_PKGS} python2-dev curl libcurl4-openssl-dev python-setuptools" fi # iRedAPD. @@ -393,11 +407,26 @@ EOF elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then ALL_PKGS="${ALL_PKGS} python-sqlalchemy python-dnspython" - [ X"${BACKEND}" == X'OPENLDAP' ] && ALL_PKGS="${ALL_PKGS} python-ldap python-mysqldb" - [ X"${BACKEND}" == X'MYSQL' ] && ALL_PKGS="${ALL_PKGS} python-mysqldb" - [ X"${BACKEND}" == X'PGSQL' ] && ALL_PKGS="${ALL_PKGS} python-psycopg2" - [ X"${DISTRO}" == X'UBUNTU' ] && ALL_PKGS="${ALL_PKGS} python-pymysql" + if [ X"${DISTRO}" == X'DEBIAN' ]; then + [ X"${BACKEND}" == X'OPENLDAP' ] && ALL_PKGS="${ALL_PKGS} python-ldap python-mysqldb" + [ X"${BACKEND}" == X'MYSQL' ] && ALL_PKGS="${ALL_PKGS} python-mysqldb" + [ X"${BACKEND}" == X'PGSQL' ] && ALL_PKGS="${ALL_PKGS} python-psycopg2" + else + if [ X"${DISTRO_CODENAME}" == X'bionic' ]; then + # Ubuntu 18.04 + [ X"${BACKEND}" == X'OPENLDAP' ] && ALL_PKGS="${ALL_PKGS} python-ldap python-mysqldb" + [ X"${BACKEND}" == X'MYSQL' ] && ALL_PKGS="${ALL_PKGS} python-mysqldb" + [ X"${BACKEND}" == X'PGSQL' ] && ALL_PKGS="${ALL_PKGS} python-psycopg2" + else + [ X"${BACKEND}" == X'OPENLDAP' ] && PIP2_MODULES="${PIP2_MODULES} python-ldap PyMySQL" + [ X"${BACKEND}" == X'MYSQL' ] && PIP2_MODULES="${PIP2_MODULES} PyMySQL" + if [ X"${BACKEND}" == X'PGSQL' ]; then + ALL_PKGS="${ALL_PKGS} postgresql-server-dev-12" + PIP2_MODULES="${PIP2_MODULES} psycopg2" + fi + fi + fi elif [ X"${DISTRO}" == X'OPENBSD' ]; then ALL_PKGS="${ALL_PKGS} py-sqlalchemy py-dnspython" @@ -420,13 +449,17 @@ EOF [ X"${DISTRO_VERSION}" == X'8' ] && ALL_PKGS="${ALL_PKGS} python2-jinja2 python2-requests" elif [ X"${DISTRO}" == X'DEBIAN' -o X"${DISTRO}" == X'UBUNTU' ]; then - ALL_PKGS="${ALL_PKGS} python-jinja2 python-netifaces python-pycurl python-requests uwsgi uwsgi-plugin-python" + ALL_PKGS="${ALL_PKGS} python-jinja2 python-netifaces python-pycurl" if [ X"${DISTRO_CODENAME}" == X"bionic" -o X"${DISTRO_CODENAME}" == X"stretch" ]; then - ALL_PKGS="${ALL_PKGS} python-webpy" + ALL_PKGS="${ALL_PKGS} python-webpy python-requests uwsgi uwsgi-plugin-python" else # Install webpy with pip - ALL_PKGS="${ALL_PKGS} python-pip" + if [ X"${DISTRO_CODENAME}" == X"buster" ]; then + ALL_PKGS="${ALL_PKGS} python-pip" + fi + + PIP2_MODULES="${PIP2_MODULES} requests uwsgi" fi # Ubuntu @@ -541,6 +574,11 @@ EOF after_package_installation() { + pip_args='' + if [ X"${PIP_MIRROR_SITE}" != X'' -a X"${PIP_TRUSTED_HOST}" != X'' ]; then + pip_args="-i ${PIP_MIRROR_SITE} --trusted-host ${PIP_TRUSTED_HOST}" + fi + if [ X"${DISTRO}" == X'OPENBSD' ]; then # Create symbol links for php. if [ X"${IREDMAIL_USE_PHP}" == X'YES' ]; then @@ -574,13 +612,18 @@ EOF if [ X"${DISTRO_CODENAME}" != X"bionic" -a X"${DISTRO_CODENAME}" != X"stretch" ]; then ${CMD_PIP2} install --no-deps ${PKG_MISC_DIR}/webpy-0.51.tar.gz &> ${RUNTIME_DIR}/uwsgi_install.log fi - elif [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ]; then - ECHO_INFO "Installing required Python-2 modules with pip." - pip_args='' - if [ X"${PIP_MIRROR_SITE}" != X'' -a X"${PIP_TRUSTED_HOST}" != X'' ]; then - pip_args="-i ${PIP_MIRROR_SITE} --trusted-host ${PIP_TRUSTED_HOST}" + if [ X"${DISTRO_CODENAME}" == X'focal' ]; then + ECHO_INFO "Install pip for Python 2." + cd /tmp + ${FETCH_CMD} https://bootstrap.pypa.io/get-pip.py + python2 get-pip.py ${pip_args} + rm -f get-pip.py + + ${CMD_PIP2} install ${pip_args} -U ${PIP2_MODULES} fi + elif [ X"${DISTRO}" == X'RHEL' -a X"${DISTRO_VERSION}" == X'8' ]; then + ECHO_INFO "Installing required Python-2 modules with pip." # Install py2 modules. # pycurl requires specified ssl library. diff --git a/samples/fail2ban/jail.d/dovecot.local b/samples/fail2ban/jail.d/dovecot.local index 84526ef4..5bda97c4 100644 --- a/samples/fail2ban/jail.d/dovecot.local +++ b/samples/fail2ban/jail.d/dovecot.local @@ -1,4 +1,4 @@ -[dovecot-iredmail] +[dovecot] enabled = true filter = dovecot.iredmail logpath = PH_DOVECOT_LOG_FILE diff --git a/samples/fail2ban/jail.d/postfix-pregreet.local b/samples/fail2ban/jail.d/postfix-pregreet.local index f81f6330..a8230fd3 100644 --- a/samples/fail2ban/jail.d/postfix-pregreet.local +++ b/samples/fail2ban/jail.d/postfix-pregreet.local @@ -1,7 +1,7 @@ -[postfix-pregreet-iredmail] +[postfix-pregreet] enabled = true maxretry = 1 filter = postfix-pregreet.iredmail logpath = PH_MAILLOG -action = PH_FAIL2BAN_ACTION[name=postfix, port="PH_FAIL2BAN_DISABLED_SERVICES", protocol=tcp] - banned_db[name=postfix, port="PH_FAIL2BAN_DISABLED_SERVICES", protocol=tcp] +action = PH_FAIL2BAN_ACTION[name=postfix-pregreet, port="PH_FAIL2BAN_DISABLED_SERVICES", protocol=tcp] + banned_db[name=postfix-pregreet, port="PH_FAIL2BAN_DISABLED_SERVICES", protocol=tcp] diff --git a/samples/fail2ban/jail.d/postfix.local b/samples/fail2ban/jail.d/postfix.local index 3a54bfab..8296435d 100644 --- a/samples/fail2ban/jail.d/postfix.local +++ b/samples/fail2ban/jail.d/postfix.local @@ -1,4 +1,4 @@ -[postfix-iredmail] +[postfix] enabled = true filter = postfix.iredmail logpath = PH_MAILLOG diff --git a/samples/fail2ban/jail.d/roundcube.local b/samples/fail2ban/jail.d/roundcube.local index 2f4547ac..3bad4c16 100644 --- a/samples/fail2ban/jail.d/roundcube.local +++ b/samples/fail2ban/jail.d/roundcube.local @@ -1,4 +1,4 @@ -[roundcube-iredmail] +[roundcube] enabled = false findtime = 3600 filter = roundcube.iredmail diff --git a/samples/fail2ban/jail.d/sogo.local b/samples/fail2ban/jail.d/sogo.local index 35937236..90ed51a4 100644 --- a/samples/fail2ban/jail.d/sogo.local +++ b/samples/fail2ban/jail.d/sogo.local @@ -1,4 +1,4 @@ -[sogo-iredmail] +[sogo] enabled = false filter = sogo-auth logpath = PH_SOGO_LOG_FILE diff --git a/samples/freebsd/syslog.d/fail2ban.conf b/samples/freebsd/syslog.d/fail2ban.conf new file mode 100644 index 00000000..fc4a337e --- /dev/null +++ b/samples/freebsd/syslog.d/fail2ban.conf @@ -0,0 +1,2 @@ +!fail2ban +PH_FAIL2BAN_SYSLOG_FACILITY.* PH_FAIL2BAN_LOG_FILE diff --git a/samples/netdata/netdata.conf b/samples/netdata/netdata.conf index c7d62c9f..44b126cd 100644 --- a/samples/netdata/netdata.conf +++ b/samples/netdata/netdata.conf @@ -50,7 +50,8 @@ update every = 3 # Log files - #access log = syslog + # Nginx logs access log, netdata no need to log it again. + access log = none #error log = syslog #debug log = syslog diff --git a/samples/rsyslog.d/1-iredmail-fail2ban.conf b/samples/rsyslog.d/1-iredmail-fail2ban.conf new file mode 100755 index 00000000..1c9361fd --- /dev/null +++ b/samples/rsyslog.d/1-iredmail-fail2ban.conf @@ -0,0 +1,2 @@ +if $programname startswith 'fail2ban' or ($programname == 'journal' and $msg startswith 'fail2ban') then -PH_FAIL2BAN_LOG_FILE +& stop