Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Merge pull request #474 from modoboa/security/fail2ban
Added fail2ban setup
  • Loading branch information
tonioo committed Jan 31, 2023
2 parents 960f142 + 76ec16c commit 63d92b7
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 0 deletions.
25 changes: 25 additions & 0 deletions modoboa_installer/config_dict_template.py
Expand Up @@ -118,6 +118,31 @@ def is_email(user_input):
}
]
},
{
"name": "fail2ban",
"values": [
{
"option": "enabled",
"default": "true",
},
{
"option": "config_dir",
"default": "/etc/fail2ban"
},
{
"option": "max_retry",
"default": "20"
},
{
"option": "ban_time",
"default": "3600"
},
{
"option": "find_time",
"default": "30"
},
]
},
{
"name": "modoboa",
"values": [
Expand Down
17 changes: 17 additions & 0 deletions modoboa_installer/scripts/fail2ban.py
@@ -0,0 +1,17 @@
"""fail2ban related functions."""

from . import base


class Fail2ban(base.Installer):
"""Fail2ban installer."""

appname = "fail2ban"
packages = {
"deb": ["fail2ban"],
"rpm": ["fail2ban"]
}
config_files = [
"jail.d/modoboa.conf",
"filter.d/modoboa-auth.conf",
]
@@ -0,0 +1,9 @@
# Fail2Ban filter Modoboa authentication

[INCLUDES]

before = common.conf

[Definition]

failregex = modoboa\.auth: WARNING Failed connection attempt from \'<HOST>\' as user \'.*?\'$
@@ -0,0 +1,9 @@
[modoboa]
enabled = true
port = http,https
protocol = tcp
filter = modoboa-auth
maxretry = %max_retry
bantime = %ban_time
findtime = %find_time
logpath = /var/log/auth.log
1 change: 1 addition & 0 deletions run.py
Expand Up @@ -22,6 +22,7 @@

PRIMARY_APPS = [
"amavis",
"fail2ban",
"modoboa",
"automx",
"radicale",
Expand Down

0 comments on commit 63d92b7

Please sign in to comment.