56 lines
1.6 KiB
YAML
56 lines
1.6 KiB
YAML
version: '3'
|
|
|
|
tasks:
|
|
|
|
default:
|
|
cmds:
|
|
- if command -v task; then task -l else go-task -l; fi
|
|
silent: true
|
|
|
|
folders:
|
|
desc: Make folders for server
|
|
cmds:
|
|
- sudo mkdir -p ../{config,backup,srvtls}
|
|
- sudo chmod 700 ../{config,backup,srvtls,server}
|
|
- sudo chown 1000 ../{config,backup,srvtls,server}
|
|
preconditions:
|
|
- sh: "test ${PWD##*/} = 'server'"
|
|
|
|
status:
|
|
desc: Server Status
|
|
cmds:
|
|
- sudo -v
|
|
- task: f2bs
|
|
- task: ztrs
|
|
|
|
f2bs:
|
|
cmds:
|
|
- sudo fail2ban-client get sshd banip --with-time
|
|
- sudo fail2ban-client get bad-auth banip --with-time
|
|
- tail -n 20 /var/log/fail2ban.log
|
|
preconditions:
|
|
- sh: 'command -v fail2ban-client'
|
|
|
|
ztrs:
|
|
cmds:
|
|
- sudo zerotier-cli status
|
|
- sudo zerotier-cli listnetworks
|
|
preconditions:
|
|
- sh: 'command -v zerotier-cli'
|
|
|
|
mailu:
|
|
desc: Setup fail2ban for mailu frontend
|
|
cmds:
|
|
- sudo systemctl enable --now fail2ban
|
|
- sudo cp mailu-f2b/fail2ban-bad-auth-filter.conf /etc/fail2ban/filter.d/bad-auth.conf
|
|
- sudo cp mailu-f2b/fail2ban-bad-auth-jail.conf /etc/fail2ban/jail.d/bad-auth.conf
|
|
- sudo cp mailu-f2b/fail2ban-sshd-jail.conf /etc/fail2ban/jail.d/sshd.conf
|
|
- sudo cp mailu-f2b/fail2ban-docker-action.conf /etc/fail2ban/action.d/docker-action.conf
|
|
- sudo mkdir -p /etc/systemd/system/fail2ban.service.d
|
|
- sudo cp mailu-f2b/fail2ban-override.conf /etc/systemd/system/fail2ban.service.d/override.conf
|
|
- sudo sudo systemctl daemon-reload
|
|
- sudo systemctl restart fail2ban
|
|
preconditions:
|
|
- sh: 'command -v fail2ban-server'
|
|
|