forked from norman/fusionpbx-install.sh-github-mirror
39beae7c13
* Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive * Remove freeswitch database and user Reason for this change is if FreeSWITCH uses the PostgreSQL then its a good idea for it to use its own instance. This is to prevent blocking FreeSWITCH from accessing the database if there is a long running Query on the FusionPBX database * Changing default domain name to hostname, setting default PostgreSQL version to 15 * Adding support for PostgreSQL 14 and 15 * Correcting user and group options for freeswitch runtime * Copying missing resources/fail2ban/freeswitch-dos.conf from debian dir, adding missing copy of sip-auth-challenge-ip.conf and sip-auth-challenge.conf, setting default setting for allowipv6 directive --------- Co-authored-by: Charlie Root <root@sjcacs-test.gadallah.net>
39 lines
1.5 KiB
Bash
Executable File
39 lines
1.5 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
#move to script directory so all relative paths work
|
|
cd "$(dirname "$0")"
|
|
|
|
#includes
|
|
. ./config.sh
|
|
. ./colors.sh
|
|
|
|
#send a message
|
|
verbose "Installing Fail2ban"
|
|
|
|
#add the dependencies
|
|
pkg install --yes py39-fail2ban
|
|
|
|
#enable fail2ban service
|
|
echo 'fail2ban_enable="YES"' >> /etc/rc.conf
|
|
|
|
#move the filters
|
|
cp fail2ban/freeswitch-dos.conf /usr/local/etc/fail2ban/filter.d/freeswitch-dos.conf
|
|
cp fail2ban/freeswitch-ip.conf /usr/local/etc/fail2ban/filter.d/freeswitch-ip.conf
|
|
cp fail2ban/freeswitch-404.conf /usr/local/etc/fail2ban/filter.d/freeswitch-404.conf
|
|
cp fail2ban/freeswitch.conf /usr/local/etc/fail2ban/filter.d/freeswitch.conf
|
|
cp fail2ban/fusionpbx.conf /usr/local/etc/fail2ban/filter.d/fusionpbx.conf
|
|
cp fail2ban/nginx-404.conf /usr/local/etc/fail2ban/filter.d/nginx-404.conf
|
|
cp fail2ban/nginx-dos.conf /usr/local/etc/fail2ban/filter.d/nginx-dos.conf
|
|
cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local
|
|
cp fail2ban/sip-auth-challenge-ip.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge-ip.conf
|
|
cp fail2ban/sip-auth-challenge.conf /usr/local/etc/fail2ban/filter.d/sip-auth-challenge.conf
|
|
|
|
# Fix default setting for allowipv6 directive
|
|
mv /usr/local/etc/fail2ban/fail2ban.conf /usr/local/etc/fail2ban/fail2ban.conf.dist
|
|
cat /usr/local/etc/fail2ban/fail2ban.conf.dist | sed '/^#allowipv6/s//allowipv6/' > /usr/local/etc/fail2ban/fail2ban.conf
|
|
chown root:wheel /usr/local/etc/fail2ban/fail2ban.conf
|
|
chmod 0644 /usr/local/etc/fail2ban/fail2ban.conf
|
|
|
|
#restart fail2ban
|
|
service fail2ban start
|