migrated changes

This commit is contained in:
Nathan Price 2025-01-15 21:00:12 -05:00
parent 5176c9fceb
commit 9b063459bb
Signed by: gravityfargo
SSH key fingerprint: SHA256:bjq+uA1U+9bFMd70q2wdNtwaYxGv84IBXalnYvZDKmg

View file

@ -1,25 +1,91 @@
# fail2ban-manager
An extensible CLI tool for managing [fail2ban](https://github.com/fail2ban/fail2ban).
- [fail2ban-manager](#fail2ban-manager)
- [Introduction](#introduction)
- [Working with Jails](#working-with-jails)
- [Plugins](#plugins)
- [Cloudflare](#cloudflare)
- [Plugin: Hetzner](#plugin-hetzner)
- [Plugin: Telegram](#plugin-telegram)
- [Credits](#credits)
## Introduction
Source Code hosted on my [Forgejo instance](https://forgejo.gravityfargo.dev/gravityfargo/fail2ban-manager). Registration is enabled for the public with GitHub via Authentik.
Any issues and feature requests can be submitted to the [issue tracker](https://github.com/gravityfargo/fail2ban-manager) on GitHub.
Any issues and feature requests can be submitted here on GitHub.
This tool is designed to make managing fail2ban easier without the need to edit configuration files. It is designed to be extensible via plugins, and easy to use.
## Working with Jails
## Plugins
### Enabling Plugins
### Cloudflare
> Ban an IP address using IP Rules in [Cloudflare WAF](https://developers.cloudflare.com/waf/tools/ip-access-rules/create/). Jails are configured create rules in a specific DNS zone. Bans are cached in a database for fail2ban's check action to use.
| Notes | |
| -------------------- | ----------------------------------------------------------------- |
| Typer generated docs | [Link](man/cloudflare.md) |
| Provided via | [Officicial SDK](https://github.com/cloudflare/cloudflare-python) |
---
| Variable | Purpose |
| ---------------------- | ----------------------------------------- |
| `CLOUDFLARE_EMAIL` | Email address for Cloudflare account |
| `CLOUDFLARE_API_TOKEN` | Token with permissions to manage IP Rules |
1. Enable the Cloudflare plugin
```bash
f2bm plugin enable cloudflare
```
1. Create an [API Token](https://developers.cloudflare.com/fundamentals/api/get-started/create-token/)
2. Get the [Zone ID](https://developers.cloudflare.com/fundamentals/setup/find-account-and-zone-ids/) from Cloudflare and create a zone in the database
```bash
f2bm cloudflare create-zone 11111111111111111111111111111111 example.com
```
### Plugin: Hetzner
[MAN Page](plugins/hetzner.md)
> Whitelist ip addresses in the [Hetzner](https://www.hetzner.com/) cloud firewall, and bulk whitelist Cloudflare IP addresses.
### Plugin: Cloudflare
| Notes | |
| -------------------- | --------------------------------------------------------------- |
| Typer generated docs | [Link](man/hetzner.md) |
| Provided via | [Officicial SDK](https://github.com/hetznercloud/hcloud-python) |
[MAN Page](plugins/cloudflare.md)
---
1. Enable the Hetzner plugin
```bash
f2bm plugin enable hetzner
```
2. Create an [API Token](https://docs.hetzner.com/cloud/api/getting-started/generating-api-token/)
### Plugin: Telegram
[MAN Page](plugins/telegram.md)
> Send a message to a Telegram chat. Custom messages per-jail are supported as well as seperate groups for each jail.
| Notes | |
| -------------------- | ----------------------------------------------------------------- |
| Typer generated docs | [Link](man/telegram.md) |
| Provided via | [Rest API](https://forgejo.gravityfargo.dev/gravityfargo/envoyer) |
---
## Credits
- [Typer](https://github.com/fastapi/typer), build great CLIs. Easy to code. Based on Python type hints.
- [Rich](https://github.com/Textualize/rich) is a Python library for rich text and beautiful formatting in the terminal.
- [envoyer](https://forgejo.gravityfargo.dev/gravityfargo/envoyer) Stupid simple notifications library. (My Project)