Remove f2b gateway bouncer
To be replaced by something more sensible
This commit is contained in:
Jake Howard
@ -8,7 +8,6 @@ services:
|
||||
- CF_DNS_API_TOKEN={{ vault_cloudflare_api_token }}
|
||||
- GANDIV5_API_KEY={{ vault_gandi_api_key }}
|
||||
volumes:
|
||||
- /tmp/traefik-logs:/var/log/traefik
|
||||
- ./traefik:/etc/traefik
|
||||
restart: unless-stopped
|
||||
ports:
|
||||
|
||||
@ -1,25 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
62333161626439326166306363343866616336646134376134326265386134343338313164653334
|
||||
3131633561363730376161323034643836333738303361320a613764383135373933636537333331
|
||||
32633335663462653361643538656533313633666666303830363533616263663135323635613235
|
||||
3738396530363130370a323338663966353333373862353964636333343436613932303765373035
|
||||
61353363633836613830346631323565326338616331353665653333383065376565626164306266
|
||||
32346133643635626632326133333933656333346336336232613536386661366537383439646632
|
||||
35323838633266633263646563323834363066336432663665616433303632646234326266653036
|
||||
35666532383261663430303764383833396336393031316361633563336538663931333736633161
|
||||
33333230343731663038626362353163663363396134303431393061333136393664643535393662
|
||||
65333561623335656635393364666135343462646237316138393637356261303634383830636462
|
||||
63336231643030643636643431616434643765373037393832613563323132383864383365316365
|
||||
35663930373938653163363436373236313162353661646531333461643463663336383332633431
|
||||
63633938306533343561646663393165353633306131336135633762306666326465306335343665
|
||||
34323261623531646566626561643465333737323562646137366235363339663163656566383266
|
||||
39326637373739623338653633633237396362633062303033366530383334353032643434623339
|
||||
38633563396432326430386638333837343733633364336536626563363932646636343333326333
|
||||
63326566663265346537633134653636636436323738396530326332656165396635316634653133
|
||||
31373137636233323563343433383837633132636434303134313431343364313735316633343732
|
||||
62663537616663356133636337373630616134363262333332303965393463643833343561386639
|
||||
62316136363661653430336566323539643239346539353535346539646138366462346634336165
|
||||
37343737656564333365346538656661343165623037613030356233626534306533303738646363
|
||||
35396566303561366333363265373733636138336533336534393262643831613836326639623633
|
||||
62313830626264323965303933393466643433373136353232383262323963613432313139303062
|
||||
34373236363635623337
|
||||
@ -1,6 +0,0 @@
|
||||
[Definition]
|
||||
actionban = ssh -p 7743 f2b@{{ nebula.clients.casey.ip }} -i /etc/fail2ban/f2b_key.key set traefik banip <ip>
|
||||
actionunban = ssh -p 7743 f2b@{{ nebula.clients.casey.ip }} -i /etc/fail2ban/f2b_key.key set traefik unbanip <ip>
|
||||
actioncheck =
|
||||
actionstart =
|
||||
actionstop =
|
||||
@ -1,4 +0,0 @@
|
||||
[Definition]
|
||||
failregex = ^<HOST> \- \S+ \[\] \"(GET|POST|HEAD) .+\" .+$
|
||||
ignoreregex =
|
||||
mode = normal
|
||||
@ -1,10 +0,0 @@
|
||||
[traefik]
|
||||
enabled = true
|
||||
bantime = 6000
|
||||
findtime = 300
|
||||
maxretry = 5
|
||||
filter = traefik
|
||||
logpath = /tmp/traefik-logs/access.log
|
||||
port = http,https
|
||||
ignoreip = {{ wireguard.cidr }},{{ nebula.cidr }},{{ pve_hosts.internal_cidr }},{{ pve_hosts.internal_cidr_ipv6 }},{{ vps_hosts.values()|sort|join(",") }},{{ tailscale_cidr }}
|
||||
action = gateway
|
||||
@ -1,8 +0,0 @@
|
||||
/tmp/traefik-logs/access.log {
|
||||
daily
|
||||
rotate 7
|
||||
missingok
|
||||
compress
|
||||
nodateext
|
||||
notifempty
|
||||
}
|
||||
@ -86,9 +86,3 @@ tls:
|
||||
|
||||
pilot:
|
||||
dashboard: false
|
||||
|
||||
accessLog:
|
||||
filePath: "/var/log/traefik/access.log"
|
||||
filters:
|
||||
statusCodes:
|
||||
- "400-600"
|
||||
|
||||
Reference in New Issue
Block a user