added promethus exporter for fail2ban

2023-03-27 12:49:51 +02:00 · 2023-03-27 12:49:51 +02:00 · f89bc503c9
commit f89bc503c9
parent ff01f3c8f4
2 changed files with 36 additions and 0 deletions
--- a/fail2ban/init.sls
+++ b/fail2ban/init.sls
@ -1,3 +1,4 @@
 include:
  - fail2ban.install
  - fail2ban.jails
+  - fail2ban.prometheus
--- a/fail2ban/prometheus.sls
+++ b/fail2ban/prometheus.sls
@ -0,0 +1,35 @@
+Define firewalld service for fail2ban exporter:
+  firewalld.service:
+    - name: fail2ban_exporter
+    - ports:
+      - 9191/tcp
+
+Addinge fail2ban exporter fw service:
+  firewalld.present:
+    - name: public
+    - services:
+      - fail2ban_exporter
+
+create fail2ban-exporter container:
+  cmd.run:
+    - name: podman container create --name fail2ban-exporter -v /var/run/fail2ban:/var/run/fail2ban:ro -p 9191:9191 registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
+    - unless: podman container exists fail2ban-exporter
+
+create fail2ban-exporter container unit file:
+  cmd.run:
+    - name: podman generate systemd --name fail2ban-exporter > /etc/systemd/system/fail2ban-exporter.service
+    - onchanges:
+      - cmd: create fail2ban-exporter container
+
+run daemon reload for fail2ban-exporter container unit file:
+  cmd.run:
+    - name: systemctl daemon-reload
+    - onchanges:
+      - cmd: create fail2ban-exporter container unit file
+
+start fail2ban-exporter container:
+  service.running:
+    - name: fail2ban-exporter
+    - enable: true
+    - watch:
+      - cmd: create fail2ban-exporter container unit file