OpenSource CLI-App to install and handle stuff related to Web-Server
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

56 lines
1.2 KiB

4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
4 years ago
  1. #!/usr/bin/env bash
  2. #
  3. # install mcp
  4. #
  5. #
  6. set -o errexit
  7. set -o pipefail
  8. set -o nounset
  9. # installing dependencies
  10. apt install -y php-cli php-mbstring php-dom git unzip curl composer ufw fail2ban
  11. #
  12. # configure ufw and start
  13. #
  14. #
  15. ufw allow ssh
  16. service ufw start
  17. echo "y" | ufw enable
  18. #
  19. # configure fail2ban and start
  20. #
  21. #
  22. cat > /etc/fail2ban/jail.local << EOF
  23. [default]
  24. # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not
  25. # ban a host which matches an address in this list. Several addresses can be
  26. # defined using space separator.
  27. ignoreip = 127.0.0.1/8
  28. # "bantime" is the number of seconds that a host is banned.
  29. bantime = 3600
  30. banaction = ufw
  31. # The length of time between login attempts before a ban is set.
  32. # For example, if Fail2ban is set to ban an IP after five (3) failed log-in attempts,
  33. # those 3 attempts must occur within the set 10-minute findtime limit.
  34. # The findtime value should be a set number of seconds.
  35. findtime = 600
  36. maxretry = 5
  37. [ssh]
  38. enabled = true
  39. port = ssh
  40. filter = sshd
  41. logpath = /var/log/auth-fail2ban.log
  42. EOF
  43. cp resources/fail2ban/filter.d/* /etc/fail2ban/filter.d
  44. touch /var/log/fail2ban.log
  45. service fail2ban start
  46. echo -e "MCP installed"