75 lines
2.4 KiB
YAML
75 lines
2.4 KiB
YAML
version: '3'
|
|
|
|
tasks:
|
|
|
|
default:
|
|
cmds:
|
|
- if command -v task; then task -l else go-task -l; fi
|
|
silent: true
|
|
|
|
install:
|
|
desc: Install software
|
|
cmds:
|
|
- mkdir -p ~/.local/bin
|
|
- stat ~/.local/bin/task > /dev/null || cp go-task/task ~/.local/bin
|
|
- sudo cp go-task/task.bash /etc/bash_completion.d
|
|
- sudo cp zerotier/zerotier.repo /etc/yum.repos.d
|
|
- sudo cp docker/docker-ce.repo /etc/yum.repos.d
|
|
- sudo rpm-ostree install --idempotent fail2ban zerotier-one docker-compose-plugin
|
|
|
|
folders:
|
|
desc: Make folders for server
|
|
cmds:
|
|
- sudo mkdir -p /srv/{config,backup,gotask,rpdata,secret,srvtls,server}
|
|
- sudo chmod 700 /srv/{config,backup,gotask,rpdata,secret,srvtls,server}
|
|
- sudo chown 1000 /srv/{config,backup,gotask,rpdata,secret,srvtls,server}
|
|
- cp -r . /srv/server
|
|
- rm -r .
|
|
|
|
status:
|
|
desc: Server Status
|
|
cmds:
|
|
- sudo -v
|
|
- task: f2bs
|
|
- task: ztrs
|
|
|
|
f2bs:
|
|
cmds:
|
|
- #sudo fail2ban-client get sshd banip --with-time
|
|
- sudo fail2ban-client get bad-auth banip --with-time
|
|
- df
|
|
preconditions:
|
|
- sh: 'command -v fail2ban-client'
|
|
|
|
ztrs:
|
|
cmds:
|
|
- sudo zerotier-cli status
|
|
- sudo zerotier-cli listnetworks
|
|
preconditions:
|
|
- sh: 'command -v zerotier-cli'
|
|
|
|
mailu:
|
|
desc: Setup fail2ban for mailu frontend
|
|
cmds:
|
|
- sudo systemctl enable --now fail2ban
|
|
- sudo cp mailu-f2b/fail2ban-bad-auth-filter.conf /etc/fail2ban/filter.d/bad-auth.conf
|
|
- sudo cp mailu-f2b/fail2ban-bad-auth-jail.conf /etc/fail2ban/jail.d/bad-auth.conf
|
|
- sudo cp mailu-f2b/fail2ban-docker-action.conf /etc/fail2ban/action.d/docker-action.conf
|
|
- sudo mkdir -p /etc/systemd/system/fail2ban.service.d
|
|
- sudo cp mailu-f2b/fail2ban-override.conf /etc/systemd/system/fail2ban.service.d/override.conf
|
|
- sudo sudo systemctl daemon-reload
|
|
- sudo systemctl restart fail2ban
|
|
sources:
|
|
- fmailu-f2b/ail2ban-bad-auth-filter.conf
|
|
- fmailu-f2b/ail2ban-bad-auth-jail.conf
|
|
- fmailu-f2b/ail2ban-docker-action.conf
|
|
- fmailu-f2b/ail2ban-override.conf
|
|
generates:
|
|
- /etc/fail2ban/filter.d/bad-auth.conf
|
|
- /etc/fail2ban/jail.d/bad-auth.conf
|
|
- /etc/fail2ban/action.d/docker-action.conf
|
|
- /etc/systemd/system/fail2ban.service.d/override.conf
|
|
preconditions:
|
|
- sh: 'commmand -v fail2ban-server'
|
|
|