diff --git a/data/Dockerfiles/fail2ban/logwatch.py b/data/Dockerfiles/fail2ban/logwatch.py index f8d0a5c2..b7430988 100644 --- a/data/Dockerfiles/fail2ban/logwatch.py +++ b/data/Dockerfiles/fail2ban/logwatch.py @@ -1,6 +1,7 @@ #!/usr/bin/env python2 import re +import os import time import atexit import signal @@ -12,6 +13,11 @@ import redis import time import json +yes_regex = re.compile(r'([yY][eE][sS]|[yY])+$') +if re.search(yes_regex, os.getenv('SKIP_FAIL2BAN', 0)): + print "Skipping Fail2ban container..." + raise SystemExit + r = redis.StrictRedis(host='172.22.1.249', decode_responses=True, port=6379, db=0) RULES = { 'mailcowdockerized_postfix-mailcow_1': 'warning: .*\[([0-9a-f\.:]+)\]: SASL .* authentication failed', diff --git a/docker-compose.yml b/docker-compose.yml index 51e190b7..e286ca94 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -331,6 +331,7 @@ services: privileged: true environment: - TZ=${TZ} + - SKIP_FAIL2BAN=${SKIP_FAIL2BAN:-no} network_mode: "host" dns: - 172.22.1.254 @@ -338,7 +339,6 @@ services: volumes: - /var/run/docker.sock:/var/run/docker.sock:ro - /lib/modules:/lib/modules:ro - ipv6nat: image: robbertkl/ipv6nat restart: always diff --git a/generate_config.sh b/generate_config.sh index 43b46cfe..4cd17074 100755 --- a/generate_config.sh +++ b/generate_config.sh @@ -81,6 +81,8 @@ ADDITIONAL_SAN= # To never run acme-mailcow for Let's Encrypt, set this to y SKIP_LETS_ENCRYPT=n +# To never run fail2ban-mailcow +SKIP_FAIL2BAN=n EOF