summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFélix Sipma2017-11-10 10:28:48 +0100
committerFélix Sipma2017-11-10 10:28:48 +0100
commit3929ef0224d230f66b8d763faaf092b2c20cb1fe (patch)
tree183098c5e1af95af818d891e32aa743ec1208927
parent543fb89f5b94402a3fdb62f27832cfe1f9f1842e (diff)
Fail2Ban: ensure old .conf files are removed
-rw-r--r--src/Propellor/Property/Fail2Ban.hs20
1 files changed, 14 insertions, 6 deletions
diff --git a/src/Propellor/Property/Fail2Ban.hs b/src/Propellor/Property/Fail2Ban.hs
index ca62fe62..6428a19f 100644
--- a/src/Propellor/Property/Fail2Ban.hs
+++ b/src/Propellor/Property/Fail2Ban.hs
@@ -2,6 +2,7 @@ module Propellor.Property.Fail2Ban where
import Propellor.Base
import qualified Propellor.Property.Apt as Apt
+import qualified Propellor.Property.File as File
import qualified Propellor.Property.Service as Service
import Propellor.Property.ConfFile
@@ -30,17 +31,24 @@ jailEnabled' name settings =
-- | Configures a jail. For example:
--
--- > jailConfigured "sshd" [("port", "2222")]
-jailConfigured' :: Jail -> [(IniKey, String)] -> RevertableProperty UnixLike UnixLike
-jailConfigured' name settings =
- jailConfFile name `iniFileContains` [(name, settings)]
+-- > jailConfigured' "sshd" [("port", "2222")]
+jailConfigured' :: Jail -> [(IniKey, String)] -> Property UnixLike
+jailConfigured' name settings = propertyList ("jail \"" ++ name ++ "\" configuration") $ props
+ & File.notPresent (oldJailConfFile name)
+ -- ^ removes .conf files added by old versions of Fail2Ban properties
+ & jailConfFile name `iniFileContains` [(name, settings)]
-- | Adds a setting to a given jail. For example:
--
-- > jailConfigured "sshd" "port" "2222"
jailConfigured :: Jail -> IniKey -> String -> Property UnixLike
-jailConfigured name key value =
- jailConfFile name `containsIniSetting` (name, key, value)
+jailConfigured name key value = propertyList ("jail \"" ++ name ++ "\" configuration") $ props
+ & File.notPresent (oldJailConfFile name)
+ -- ^ removes .conf files added by old versions of Fail2Ban properties
+ & jailConfFile name `containsIniSetting` (name, key, value)
+
+oldJailConfFile :: Jail -> FilePath
+oldJailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".conf"
jailConfFile :: Jail -> FilePath
jailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".local"