Tomster/Pterodactyl-Script
1
0
Fork 0
mirror of https://github.com/tommytran732/Pterodactyl-Script synced 2024-09-07 18:23:30 -04:00
Code

Add Fail2ban rules for wings

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2022-12-16 15:47:10 -05:00
parent bb5078e348
commit 8627d65ac1
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2
2 changed files with 32 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -15,6 +15,7 @@ Visit my Matrix group: https://matrix.to/#/#tommy:arcticfoxes.net
- Daemon installation
- Daemon upgrade
- Basic firewall configuration
- Fail2ban for SSH and Wings
- Automatic LetsEncrypt certificate generation
- MariaDB SSL
- HSTS enabled
@ -26,9 +27,7 @@ Visit my Matrix group: https://matrix.to/#/#tommy:arcticfoxes.net
Currently, PHP, Composer, and Redis are installed from Remi's modular repository. As such, they will only get minor version updates with `dnf upgrade` (PHP 8.1.0 -> PHP 8.1.x for example). For updates between major versions of these dependencies, use `dnf module` to change the appstream for these dependencies.<br />
```bash
dnf module reset php:remi-8.0
dnf module install php:remi-8.1
dnf distro-sync
dnf module switch-to php:remi-8.1
```
NGINX, MariaDB, and Docker-CE uses upstream repositories and will get the latest version available on there automatically.

29
install.sh
View File

@ -449,6 +449,35 @@ WantedBy=multi-user.target
EOF
systemctl enable wings
output "Adding Fail2ban rules for Wings SFTP"
echo '[wings]
enabled = true
port = 2022
logpath = /var/log/pterodactyl/wings.log
maxretry = 5
findtime = 3600
bantime = -1
backend = systemd' | tee -a /etc/fail2ban/jail.local
bash -c 'cat > /etc/fail2ban/conf.d/wings.conf' <<-'EOF'
# Fail2Ban filter for wings (Pterodactyl daemon)
#
#
#
# "WARN: [Sep 8 18:51:00.414] failed to validate user credentials (invalid format) ip=<HOST>:51782 subsystem=sftp username=logout"
#
[INCLUDES]
before = common.conf
[Definition]
_daemon = wings
failregex = failed to validate user credentials \([^\)]+\) ip=<HOST>:.* subsystem=sftp username=.*$
ignoreregex =
[Init]
datepattern = \[%%b %%d %%H:%%M:%%S.%%f\]
EOF
systemctl restart fail2ban
output "Wings ${WINGS} has now been installed on your system."
output "You should go to your panel and configure the node now."
output "If you get `bash: wings: command not found` when running the auto deployment command, replace `wings` with `/usr/local/bin/wings` and it will work."