Issue 2487 - Introduce fail2ban module

modules/fail2ban/manifests/filter.pp

Index: modules/fail2ban/manifests/filter.pp
===================================================================
new file mode 100644
--- /dev/null
+++ b/modules/fail2ban/manifests/filter.pp
@@ -0,0 +1,47 @@
+# == Type: fail2ban::filter
+#
+# Manage filter information and files for any custom filter.
+#
+# == Parameters:
+#
+# [*regexes*]
+#   Array of strings containing the regular expressions applied to
+#   the filter.
+#
+# [*ensure*]
+#   Translates directly into the state of the file resource.
+#
+# === Examples:
+#
+#   fail2ban::filter {'CVE-2013-0235':
+#     regexes => [
+#       '^<HOST>.*\"WordPress\/.*',
+#	'^.*\"WordPress\/.*<HOST>.*',
+#     ],
+#     'ensure' => 'present',
+#   }
+#
+define fail2ban::filter (
+  $regexes = [],
+  $ensure = 'present',
+) {
+
+  include fail2ban
+  include stdlib
+
+  if (size($regexes) == 0) and ($ensure == 'present') {
+    fail("An array of one or more regular expressions is needed if you want",
+    	  "to create a filter file.")

[mathias, 2016/12/01 09:28:30]

Please do not personalized messages ("you"). There is also no necessity to be
*that* verbose, but well.

[f.lopez, 2016/12/01 10:16:04]

Acknowledged.

+  }
+
+  file {"/etc/fail2ban/filter.d/$title.conf":

[mathias, 2016/12/01 09:28:30]

Please use $name (and document that this parameter is used to compose the file
name).

[f.lopez, 2016/12/01 10:16:04]

Acknowledged.

+    ensure => $ensure,
+    content => template("fail2ban/filter.erb"),
+    group => 'root',
+    mode => '0644',
+    owner => 'root',
+    require => Package['fail2ban'],
+    notify => Service['fail2ban'],
+  }
+}
+