1
0
mirror of https://github.com/tommytran732/Fedora-CoreOS-Ignition synced 2024-11-09 11:41:34 -05:00

Remove fail2ban

Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-09-12 12:07:04 -04:00
parent 2387d6f27f
commit 254eeaef42
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
6 changed files with 6 additions and 48 deletions

File diff suppressed because one or more lines are too long

View File

@ -28,7 +28,7 @@ systemd:
[Service] [Service]
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
ExecStart=/bin/touch /var/lib/%N.stamp ExecStart=/bin/touch /var/lib/%N.stamp
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
@ -97,18 +97,6 @@ storage:
days = [ "Sun" ] days = [ "Sun" ]
start_time = "0:00" start_time = "0:00"
length_minutes = 60 length_minutes = 60
- path: /etc/fail2ban/jail.local
contents:
inline: |
[DEFAULT]
# Maximum 3 failures:
maxentry = 3
# Ban hosts for one hour:
bantime = 3600
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
- path: /etc/tuned/active_profile - path: /etc/tuned/active_profile
overwrite: true overwrite: true
contents: contents:
@ -149,8 +137,6 @@ storage:
target: ../usr/share/zoneinfo/America/New_York target: ../usr/share/zoneinfo/America/New_York
- path: /etc/systemd/system/multi-user.target.wants/tuned.service - path: /etc/systemd/system/multi-user.target.wants/tuned.service
target: /usr/lib/systemd/system/tuned.service target: /usr/lib/systemd/system/tuned.service
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
target: /usr/lib/systemd/system/fail2ban.service
- path: /etc/systemd/system/kdump.service.target - path: /etc/systemd/system/kdump.service.target
target: /dev/null target: /dev/null
kernel_arguments: kernel_arguments:

File diff suppressed because one or more lines are too long

View File

@ -28,7 +28,7 @@ systemd:
[Service] [Service]
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
ExecStart=/bin/touch /var/lib/%N.stamp ExecStart=/bin/touch /var/lib/%N.stamp
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
@ -99,18 +99,6 @@ storage:
days = [ "Sun" ] days = [ "Sun" ]
start_time = "0:00" start_time = "0:00"
length_minutes = 60 length_minutes = 60
- path: /etc/fail2ban/jail.local
contents:
inline: |
[DEFAULT]
# Maximum 3 failures:
maxentry = 3
# Ban hosts for one hour:
bantime = 3600
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
- path: /etc/tuned/active_profile - path: /etc/tuned/active_profile
overwrite: true overwrite: true
contents: contents:
@ -151,8 +139,6 @@ storage:
target: ../usr/share/zoneinfo/America/New_York target: ../usr/share/zoneinfo/America/New_York
- path: /etc/systemd/system/multi-user.target.wants/tuned.service - path: /etc/systemd/system/multi-user.target.wants/tuned.service
target: /usr/lib/systemd/system/tuned.service target: /usr/lib/systemd/system/tuned.service
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
target: /usr/lib/systemd/system/fail2ban.service
- path: /etc/systemd/system/kdump.service.target - path: /etc/systemd/system/kdump.service.target
target: /dev/null target: /dev/null
kernel_arguments: kernel_arguments:

File diff suppressed because one or more lines are too long

View File

@ -28,7 +28,7 @@ systemd:
[Service] [Service]
Type=oneshot Type=oneshot
RemainAfterExit=yes RemainAfterExit=yes
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
ExecStart=/bin/touch /var/lib/%N.stamp ExecStart=/bin/touch /var/lib/%N.stamp
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
@ -98,18 +98,6 @@ storage:
days = [ "Sun" ] days = [ "Sun" ]
start_time = "0:00" start_time = "0:00"
length_minutes = 60 length_minutes = 60
- path: /etc/fail2ban/jail.local
contents:
inline: |
[DEFAULT]
# Maximum 3 failures:
maxentry = 3
# Ban hosts for one hour:
bantime = 3600
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport
[sshd]
enabled = true
- path: /etc/tuned/active_profile - path: /etc/tuned/active_profile
overwrite: true overwrite: true
contents: contents:
@ -150,8 +138,6 @@ storage:
target: ../usr/share/zoneinfo/America/New_York target: ../usr/share/zoneinfo/America/New_York
- path: /etc/systemd/system/multi-user.target.wants/tuned.service - path: /etc/systemd/system/multi-user.target.wants/tuned.service
target: /usr/lib/systemd/system/tuned.service target: /usr/lib/systemd/system/tuned.service
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
target: /usr/lib/systemd/system/fail2ban.service
- path: /etc/systemd/system/kdump.service.target - path: /etc/systemd/system/kdump.service.target
target: /dev/null target: /dev/null
kernel_arguments: kernel_arguments: