version: '3' tasks: default: cmds: - if command -v task; then task -l else go-task -l; fi silent: true folders: desc: Make folders for server cmds: - sudo mkdir -p ../{config,backup,srvtls} - sudo chmod 700 ../{config,backup,srvtls,server} - sudo chown 1000 ../{config,backup,srvtls,server} preconditions: - sh: "test ${PWD##*/} = 'server'" status: desc: Server Status cmds: - sudo -v - task: f2bs - task: ztrs f2bs: cmds: - sudo fail2ban-client get sshd banip --with-time - sudo fail2ban-client get bad-auth banip --with-time - tail -n 20 /var/log/fail2ban.log preconditions: - sh: 'command -v fail2ban-client' ztrs: cmds: - sudo zerotier-cli status - sudo zerotier-cli listnetworks preconditions: - sh: 'command -v zerotier-cli' mailu: desc: Setup fail2ban for mailu frontend cmds: - sudo systemctl enable --now fail2ban - sudo cp mailu-f2b/fail2ban-bad-auth-filter.conf /etc/fail2ban/filter.d/bad-auth.conf - sudo cp mailu-f2b/fail2ban-bad-auth-jail.conf /etc/fail2ban/jail.d/bad-auth.conf - sudo cp mailu-f2b/fail2ban-sshd-jail.conf /etc/fail2ban/jail.d/sshd.conf - sudo cp mailu-f2b/fail2ban-docker-action.conf /etc/fail2ban/action.d/docker-action.conf - sudo mkdir -p /etc/systemd/system/fail2ban.service.d - sudo cp mailu-f2b/fail2ban-override.conf /etc/systemd/system/fail2ban.service.d/override.conf - sudo sudo systemctl daemon-reload - sudo systemctl restart fail2ban sources: - mailu-f2b/fail2ban-bad-auth-filter.conf - mailu-f2b/fail2ban-bad-auth-jail.conf - mailu-f2b/fail2ban-sshd-jail.conf - mailu-f2b/fail2ban-docker-action.conf - mailu-f2b/fail2ban-override.conf generates: - /etc/fail2ban/filter.d/bad-auth.conf - /etc/fail2ban/jail.d/bad-auth.conf - /etc/fail2ban/jail.d/sshd.conf - /etc/fail2ban/action.d/docker-action.conf - /etc/systemd/system/fail2ban.service.d/override.conf preconditions: - sh: 'command -v fail2ban-server'