mirror of
https://github.com/tommytran732/Fedora-CoreOS-Ignition
synced 2024-11-22 17:21:34 -05:00
Remove fail2ban
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
parent
2387d6f27f
commit
254eeaef42
File diff suppressed because one or more lines are too long
16
Generic.yml
16
Generic.yml
@ -28,7 +28,7 @@ systemd:
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent
|
ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
|
||||||
ExecStart=/bin/touch /var/lib/%N.stamp
|
ExecStart=/bin/touch /var/lib/%N.stamp
|
||||||
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
||||||
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
||||||
@ -97,18 +97,6 @@ storage:
|
|||||||
days = [ "Sun" ]
|
days = [ "Sun" ]
|
||||||
start_time = "0:00"
|
start_time = "0:00"
|
||||||
length_minutes = 60
|
length_minutes = 60
|
||||||
- path: /etc/fail2ban/jail.local
|
|
||||||
contents:
|
|
||||||
inline: |
|
|
||||||
[DEFAULT]
|
|
||||||
# Maximum 3 failures:
|
|
||||||
maxentry = 3
|
|
||||||
# Ban hosts for one hour:
|
|
||||||
bantime = 3600
|
|
||||||
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
|
|
||||||
banaction = iptables-multiport
|
|
||||||
[sshd]
|
|
||||||
enabled = true
|
|
||||||
- path: /etc/tuned/active_profile
|
- path: /etc/tuned/active_profile
|
||||||
overwrite: true
|
overwrite: true
|
||||||
contents:
|
contents:
|
||||||
@ -149,8 +137,6 @@ storage:
|
|||||||
target: ../usr/share/zoneinfo/America/New_York
|
target: ../usr/share/zoneinfo/America/New_York
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
||||||
target: /usr/lib/systemd/system/tuned.service
|
target: /usr/lib/systemd/system/tuned.service
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
|
|
||||||
target: /usr/lib/systemd/system/fail2ban.service
|
|
||||||
- path: /etc/systemd/system/kdump.service.target
|
- path: /etc/systemd/system/kdump.service.target
|
||||||
target: /dev/null
|
target: /dev/null
|
||||||
kernel_arguments:
|
kernel_arguments:
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
16
GitLab.yml
16
GitLab.yml
@ -28,7 +28,7 @@ systemd:
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent
|
ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
|
||||||
ExecStart=/bin/touch /var/lib/%N.stamp
|
ExecStart=/bin/touch /var/lib/%N.stamp
|
||||||
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
||||||
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
||||||
@ -99,18 +99,6 @@ storage:
|
|||||||
days = [ "Sun" ]
|
days = [ "Sun" ]
|
||||||
start_time = "0:00"
|
start_time = "0:00"
|
||||||
length_minutes = 60
|
length_minutes = 60
|
||||||
- path: /etc/fail2ban/jail.local
|
|
||||||
contents:
|
|
||||||
inline: |
|
|
||||||
[DEFAULT]
|
|
||||||
# Maximum 3 failures:
|
|
||||||
maxentry = 3
|
|
||||||
# Ban hosts for one hour:
|
|
||||||
bantime = 3600
|
|
||||||
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
|
|
||||||
banaction = iptables-multiport
|
|
||||||
[sshd]
|
|
||||||
enabled = true
|
|
||||||
- path: /etc/tuned/active_profile
|
- path: /etc/tuned/active_profile
|
||||||
overwrite: true
|
overwrite: true
|
||||||
contents:
|
contents:
|
||||||
@ -151,8 +139,6 @@ storage:
|
|||||||
target: ../usr/share/zoneinfo/America/New_York
|
target: ../usr/share/zoneinfo/America/New_York
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
||||||
target: /usr/lib/systemd/system/tuned.service
|
target: /usr/lib/systemd/system/tuned.service
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
|
|
||||||
target: /usr/lib/systemd/system/fail2ban.service
|
|
||||||
- path: /etc/systemd/system/kdump.service.target
|
- path: /etc/systemd/system/kdump.service.target
|
||||||
target: /dev/null
|
target: /dev/null
|
||||||
kernel_arguments:
|
kernel_arguments:
|
||||||
|
|||||||
File diff suppressed because one or more lines are too long
@ -28,7 +28,7 @@ systemd:
|
|||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
RemainAfterExit=yes
|
RemainAfterExit=yes
|
||||||
ExecStart=/usr/bin/rpm-ostree install fail2ban firewalld tuned qemu-guest-agent
|
ExecStart=/usr/bin/rpm-ostree install firewalld tuned qemu-guest-agent
|
||||||
ExecStart=/bin/touch /var/lib/%N.stamp
|
ExecStart=/bin/touch /var/lib/%N.stamp
|
||||||
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
ExecStart=/usr/bin/sed 's/nullok//g' /etc/pam.d/system-auth
|
||||||
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
ExecStart=/usr/bin/curl https://raw.githubusercontent.com/Whonix/security-misc/master/etc/modprobe.d/30_security-misc.conf -o /etc/modprobe.d/30_security-misc.conf
|
||||||
@ -98,18 +98,6 @@ storage:
|
|||||||
days = [ "Sun" ]
|
days = [ "Sun" ]
|
||||||
start_time = "0:00"
|
start_time = "0:00"
|
||||||
length_minutes = 60
|
length_minutes = 60
|
||||||
- path: /etc/fail2ban/jail.local
|
|
||||||
contents:
|
|
||||||
inline: |
|
|
||||||
[DEFAULT]
|
|
||||||
# Maximum 3 failures:
|
|
||||||
maxentry = 3
|
|
||||||
# Ban hosts for one hour:
|
|
||||||
bantime = 3600
|
|
||||||
# Override /etc/fail2ban/jail.d/00-firewalld.conf:
|
|
||||||
banaction = iptables-multiport
|
|
||||||
[sshd]
|
|
||||||
enabled = true
|
|
||||||
- path: /etc/tuned/active_profile
|
- path: /etc/tuned/active_profile
|
||||||
overwrite: true
|
overwrite: true
|
||||||
contents:
|
contents:
|
||||||
@ -150,8 +138,6 @@ storage:
|
|||||||
target: ../usr/share/zoneinfo/America/New_York
|
target: ../usr/share/zoneinfo/America/New_York
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
- path: /etc/systemd/system/multi-user.target.wants/tuned.service
|
||||||
target: /usr/lib/systemd/system/tuned.service
|
target: /usr/lib/systemd/system/tuned.service
|
||||||
- path: /etc/systemd/system/multi-user.target.wants/fail2ban.service
|
|
||||||
target: /usr/lib/systemd/system/fail2ban.service
|
|
||||||
- path: /etc/systemd/system/kdump.service.target
|
- path: /etc/systemd/system/kdump.service.target
|
||||||
target: /dev/null
|
target: /dev/null
|
||||||
kernel_arguments:
|
kernel_arguments:
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user