added nextcloud to fail2ban

fail2ban/files/filter.d/nextcloud.local

@@ -0,0 +1,6 @@
+[Definition]
+_groupsre = (?:(?:,?\s*"\w+":(?:"[^"]+"|\w+))*)
+failregex = ^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Login failed:
+            ^\{%(_groupsre)s,?\s*"remoteAddr":"<HOST>"%(_groupsre)s,?\s*"message":"Trusted domain error.
+datepattern = ,?\s*"time"\s*:\s*"%%Y-%%m-%%d[T ]%%H:%%M:%%S(%%z)?"
+

fail2ban/jails.sls

@@ -1,3 +1,4 @@
+# SSH
 configure sshd jail:
   file.managed:
     - name: /etc/fail2ban/jail.d/sshd.local
@@ -8,10 +9,30 @@ configure sshd jail:
     - onlyif:
       - pkg.is_installed: openssh
 
+# Nextcloud
+configure nextcloud jail:
+  file.managed:
+    - name: /etc/fail2ban/jail.d/nextcloud.local
+    - source: salt://fail2ban/files/jail.d/nextcloud.local
+    - user: root
+    - group: root
+    - mode: "0644"
+    - onlyif: runuser -l {{ salt['pillar.get']('podman:user', 'root') }} -c 'podman container exists gitea'
 
+configure nextcloud filter:
+  file.managed:
+    - name: /etc/fail2ban/filter.d/nextcloud.local
+    - source: salt://fail2ban/files/filter.d/nextcloud.local
+    - user: root
+    - group: root
+    - mode: "0644"
+    - onlyif: runuser -l {{ salt['pillar.get']('podman:user', 'root') }} -c 'podman container exists gitea'
 
+######
 realod fail2ban config:
   cmd.run:
     - name: fail2ban-client reload
     - onchanges:
       - file: configure sshd jail
+      - file: configure nextcloud jail
+      - file: configure nextcloud filter