fail2ban: fix missing ufw filter

Signed-off-by: nachoparker <[email protected]>
nextcloud · Jun 1, 2019 · 5924131 · 5924131
1 parent c71b37f
commit 5924131
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 5 deletions.
diff --git a/bin/ncp/NETWORKING/letsencrypt.sh b/bin/ncp/NETWORKING/letsencrypt.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-# Let's encrypt certbot installation on Raspbian 
+# Let's encrypt certbot installation on NextCloudPi
 #
 # Copyleft 2017 by Ignacio Nunez Hernanz <nacho _a_t_ ownyourbits _d_o_t_ com>
 # GPL licensed (see end of file) * Use at your own risk!
@@ -42,7 +42,7 @@ EOF
 }
 
 # tested with certbot 0.28.0
-configure() 
+configure()
 {
   local DOMAIN_LOWERCASE="${DOMAIN,,}"
 
@@ -97,7 +97,7 @@ EOF
     # delayed in bg so it does not kill the connection, and we get AJAX response
     bash -c "sleep 2 && service apache2 reload" &>/dev/null &
     rm -rf $ncdir/.well-known
-    
+
     # Update configuration
     [[ "$DOCKERBUILD" == 1 ]] && update-rc.d letsencrypt enable
 

diff --git a/changelog.md b/changelog.md
@@ -1,7 +1,9 @@
 
-[v1.12.9](https://github.com/nextcloud/nextcloudpi/commit/cc89c7e) (2019-05-27) ncp-notify-updates: dont spam cron mail
+[v1.12.10](https://github.com/nextcloud/nextcloudpi/commit/d826236) (2019-06-01) fail2ban: fix missing ufw filter
 
-[v1.12.8](https://github.com/nextcloud/nextcloudpi/commit/bfdc475) (2019-05-25) docker: mount timezone
+[v1.12.9](https://github.com/nextcloud/nextcloudpi/commit/c71b37f) (2019-05-27) ncp-notify-updates: dont spam cron mail
+
+[v1.12.8 ](https://github.com/nextcloud/nextcloudpi/commit/bfdc475) (2019-05-25) docker: mount timezone
 
 [v1.12.7](https://github.com/nextcloud/nextcloudpi/commit/76137ed) (2019-05-25) ncp-app: bump to NC16
 

diff --git a/update.sh b/update.sh
@@ -231,6 +231,15 @@ EOF
   # fix logrotate files
   chmod 0444 /etc/logrotate.d/*
 
+  # update fail2ban filters
+  cat > /etc/fail2ban/filter.d/ufwban.conf <<'EOF'
+[INCLUDES]
+before = common.conf
+[Definition]
+failregex = UFW BLOCK.* SRC=
+ignoreregex =
+EOF
+
   # remove redundant opcache configuration. Leave until update bug is fixed -> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815968
   # Bug #416 reappeared after we moved to php7.2 and debian buster packages. (keep last)
   [[ "$( ls -l /etc/php/7.2/fpm/conf.d/*-opcache.ini |  wc -l )" -gt 1 ]] && rm "$( ls /etc/php/7.2/fpm/conf.d/*-opcache.ini | tail -1 )"