summaryrefslogtreecommitdiff
path: root/src/Propellor
diff options
context:
space:
mode:
authorFélix Sipma2017-11-08 14:59:13 +0100
committerFélix Sipma2017-11-08 15:05:20 +0100
commit41aa52e2fd1b046045c54fcfa24d8157228b8070 (patch)
treec38c9e6cc97ff873e6123097c7d105cd34132bbe /src/Propellor
parent0a23ae75450cb4938af34fdd591a0605244a62b9 (diff)
Fail2Ban: add jailEnabled' & jailConfigured'
Diffstat (limited to 'src/Propellor')
-rw-r--r--src/Propellor/Property/Fail2Ban.hs20
1 files changed, 16 insertions, 4 deletions
diff --git a/src/Propellor/Property/Fail2Ban.hs b/src/Propellor/Property/Fail2Ban.hs
index 9f147943..eed93f29 100644
--- a/src/Propellor/Property/Fail2Ban.hs
+++ b/src/Propellor/Property/Fail2Ban.hs
@@ -16,15 +16,27 @@ type Jail = String
-- | By default, fail2ban only enables the ssh jail, but many others
-- are available to be enabled, for example "postfix-sasl"
jailEnabled :: Jail -> Property DebianLike
-jailEnabled name = jailConfigured name "enabled" "true"
+jailEnabled name = jailEnabled' name []
+ `onChange` reloaded
+
+jailEnabled' :: Jail -> [(IniKey, String)] -> Property DebianLike
+jailEnabled' name settings =
+ jailConfigured' name (("enabled", "true") : settings)
`onChange` reloaded
-- | Configures a jail. For example:
--
--- > jailConfigured "sshd" "port" "2222"
+-- > jailConfigured "sshd" [("port", "2222")]
+jailConfigured' :: Jail -> [(IniKey, String)] -> RevertableProperty UnixLike UnixLike
+jailConfigured' name settings =
+ jailConfFile name `iniFileContains` [(name, settings)]
+
+-- | Adds a setting to a given jail. For example:
+--
+-- > jailConfigured "sshd" "port" "2222"
jailConfigured :: Jail -> IniKey -> String -> Property UnixLike
-jailConfigured name key value =
- jailConfFile name `containsIniSetting` (name, key, value)
+jailConfigured name key value =
+ jailConfFile name `containsIniSetting` (name, key, value)
jailConfFile :: Jail -> FilePath
jailConfFile name = "/etc/fail2ban/jail.d/" ++ name ++ ".conf"