more fail2ban config options

This commit is contained in:
Mathias Merscher 2019-03-09 21:46:23 +01:00 committed by Thomas Maurice
parent 41797ebdfd
commit 559efa281f
3 changed files with 15 additions and 4 deletions

View file

@ -107,7 +107,13 @@ The following have been tested with Debian 8, it should work on Ubuntu as well.
### Fail2Ban configuration ### Fail2Ban configuration
If enabled, this will deploy a fail2ban filter and jail config for Gitea as described in the [Gitea Documentation](https://docs.gitea.io/en-us/fail2ban-setup/). Fail2ban has to be already installed.
* `gitea_fail2ban_enabled`: Wether to deploy the fail2ban config snippets * `gitea_fail2ban_enabled`: Wether to deploy the fail2ban config snippets
* `gitea_fail2ban_jail_maxretry`: fail2ban jail `maxretry` setting. Default: `10`
* `gitea_fail2ban_jail_findtime`: fail2ban jail `findtime` setting. Default: `3600`
* `gitea_fail2ban_jail_bantime`: fail2ban jail `bantime` setting. Default: `900`
* `gitea_fail2ban_jail_action`: fail2ban jail `action` setting. Default: `iptables-allports`
## Disclaimer ## Disclaimer
This module is currently a work in progress. For now it is only able to install This module is currently a work in progress. For now it is only able to install

View file

@ -42,3 +42,8 @@ gitea_mailer_host: localhost:25
gitea_mailer_from: noreply@your.domain gitea_mailer_from: noreply@your.domain
gitea_fail2ban_enabled: false gitea_fail2ban_enabled: false
gitea_fail2ban_jail_maxretry: 10
gitea_fail2ban_jail_findtime: 3600
gitea_fail2ban_jail_bantime: 900
gitea_fail2ban_jail_action: iptables-allports

View file

@ -3,7 +3,7 @@ enabled = true
port = http,https port = http,https
filter = gitea filter = gitea
logpath = {{ gitea_home }}/log/gitea.log logpath = {{ gitea_home }}/log/gitea.log
maxretry = 10 maxretry = {{ gitea_fail2ban_jail_maxretry }}
findtime = 3600 findtime = {{ gitea_fail2ban_jail_findtime }}
bantime = 900 bantime = {{ gitea_fail2ban_jail_bantime }}
action = ufw action = {{ gitea_fail2ban_jail_action }}