fail2ban/init.sls

@@ -1,3 +1,4 @@
 include:
   - fail2ban.install
   - fail2ban.jails
+  - fail2ban.prometheus

fail2ban/prometheus.sls

@@ -0,0 +1,35 @@
+Define firewalld service for fail2ban exporter:
+  firewalld.service:
+    - name: fail2ban_exporter
+    - ports:
+      - 9191/tcp
+
+Addinge fail2ban exporter fw service:
+  firewalld.present:
+    - name: public
+    - services:
+      - fail2ban_exporter
+
+create fail2ban-exporter container:
+  cmd.run:
+    - name: podman container create --name fail2ban-exporter -v /var/run/fail2ban:/var/run/fail2ban:ro -p 9191:9191 registry.gitlab.com/hectorjsmith/fail2ban-prometheus-exporter:latest
+    - unless: podman container exists fail2ban-exporter
+
+create fail2ban-exporter container unit file:
+  cmd.run:
+    - name: podman generate systemd --name fail2ban-exporter > /etc/systemd/system/fail2ban-exporter.service
+    - onchanges:
+      - cmd: create fail2ban-exporter container
+
+run daemon reload for fail2ban-exporter container unit file:
+  cmd.run:
+    - name: systemctl daemon-reload
+    - onchanges:
+      - cmd: create fail2ban-exporter container unit file
+
+start fail2ban-exporter container:
+  service.running:
+    - name: fail2ban-exporter
+    - enable: true
+    - watch:
+      - cmd: create fail2ban-exporter container unit file