quick-jibri-installer/tools/fail2ban_ssh.sh

#!/bin/bash
# Simple Fail2ban configuration
# SwITNet Ltd © - 2024, https://switnet.net/
# GNU GPLv3 or later.

while getopts m: option
do
	case "${option}"
	in
		m) MODE=${OPTARG};;
		\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;
	esac
done

#DEBUG
if [ "$MODE" = "debug" ]; then
set -x
fi

#Check if user is root
if ! [ "$(id -u)" = 0 ]; then
   echo "You need to be root or have sudo privileges!"
   exit 0
fi

apt-get -y install fail2ban

if \
[ -f /var/log/ssh_f2b.log ] && \
[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \
[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then
    echo -e "\nFail2ban seems to be already configured.\n"
else
    echo -e "\nConfiguring Fail2ban...\n"
cat << F2BAN >> /etc/fail2ban/jail.local
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/ssh_f2b.log
maxretry = 3
bantime = 604800
F2BAN
fi
systemctl restart fail2ban
Add fail2ban tool 2020-10-28 21:07:07 +00:00			`#!/bin/bash`
			`# Simple Fail2ban configuration`
misc: 2024 update copyright year. 2024-03-21 20:09:38 +00:00			`# SwITNet Ltd © - 2024, https://switnet.net/`
Add fail2ban tool 2020-10-28 21:07:07 +00:00			`# GNU GPLv3 or later.`

			`while getopts m: option`
			`do`
			`case "${option}"`
			`in`
			`m) MODE=${OPTARG};;`
7.0 (#80) * Major rework, comply with shellcheck ## Add * Add experimental tool for AWS grub setup. ## Fix * Fix grafana configuration * Actually apply changes to nginx conf instead of symlink. * Actually require to run with admin rights. * Improve comments. * Rename and fix set_once function. * Fix jibri domain. ## Improve * Comply mode section with shellcheck recommendations. * Comply tools section with shellcheck recommendations. * Comply main scripts with shellcheck recommendations. * Improve shell quality * Change JDK version to 11 * Make warning visible. * Change email position, and small fixes * Several indenting changes * Set warning instead of "note". * Yet again more fixes on echo and printf * Standarize jra_nextcloud * Add comment on debconf state * Update SwITNet copyright and standarize debug option for scripts. ## Remove * Rename deprecated scripts folder * Remove old * Remove unused code * Finally remove jigasi deprecated script. 2022-05-21 01:07:02 +00:00			`\?) echo "Usage: sudo bash ./$0 [-m debug]" && exit;;`
Add fail2ban tool 2020-10-28 21:07:07 +00:00			`esac`
			`done`

			`#DEBUG`
			`if [ "$MODE" = "debug" ]; then`
			`set -x`
			`fi`

			`#Check if user is root`
7.0 (#80) * Major rework, comply with shellcheck ## Add * Add experimental tool for AWS grub setup. ## Fix * Fix grafana configuration * Actually apply changes to nginx conf instead of symlink. * Actually require to run with admin rights. * Improve comments. * Rename and fix set_once function. * Fix jibri domain. ## Improve * Comply mode section with shellcheck recommendations. * Comply tools section with shellcheck recommendations. * Comply main scripts with shellcheck recommendations. * Improve shell quality * Change JDK version to 11 * Make warning visible. * Change email position, and small fixes * Several indenting changes * Set warning instead of "note". * Yet again more fixes on echo and printf * Standarize jra_nextcloud * Add comment on debconf state * Update SwITNet copyright and standarize debug option for scripts. ## Remove * Rename deprecated scripts folder * Remove old * Remove unused code * Finally remove jigasi deprecated script. 2022-05-21 01:07:02 +00:00			`if ! [ "$(id -u)" = 0 ]; then`
Add fail2ban tool 2020-10-28 21:07:07 +00:00			`echo "You need to be root or have sudo privileges!"`
			`exit 0`
			`fi`

			`apt-get -y install fail2ban`

			`if \`
			`[ -f /var/log/ssh_f2b.log ] && \`
7.0 (#80) * Major rework, comply with shellcheck ## Add * Add experimental tool for AWS grub setup. ## Fix * Fix grafana configuration * Actually apply changes to nginx conf instead of symlink. * Actually require to run with admin rights. * Improve comments. * Rename and fix set_once function. * Fix jibri domain. ## Improve * Comply mode section with shellcheck recommendations. * Comply tools section with shellcheck recommendations. * Comply main scripts with shellcheck recommendations. * Improve shell quality * Change JDK version to 11 * Make warning visible. * Change email position, and small fixes * Several indenting changes * Set warning instead of "note". * Yet again more fixes on echo and printf * Standarize jra_nextcloud * Add comment on debconf state * Update SwITNet copyright and standarize debug option for scripts. ## Remove * Rename deprecated scripts folder * Remove old * Remove unused code * Finally remove jigasi deprecated script. 2022-05-21 01:07:02 +00:00			`[ "$(grep -c 604800 /etc/fail2ban/jail.local)" = "1" ] && \`
			`[ "$(grep -c ssh_f2b.log /etc/fail2ban/jail.local)" = "1" ]; then`
Add fail2ban tool 2020-10-28 21:07:07 +00:00			`echo -e "\nFail2ban seems to be already configured.\n"`
			`else`
			`echo -e "\nConfiguring Fail2ban...\n"`
			`cat << F2BAN >> /etc/fail2ban/jail.local`
			`[sshd]`
			`enabled = true`
			`port = 22`
			`filter = sshd`
			`logpath = /var/log/ssh_f2b.log`
			`maxretry = 3`
			`bantime = 604800`
			`F2BAN`
			`fi`
			`systemctl restart fail2ban`