Netdata: add fail2ban monitoring

2025-05-17 16:58:12 +03:00 · 2025-05-17 16:58:12 +03:00 · c8bd9f4ec3
commit c8bd9f4ec3
parent d3d189e284
3 changed files with 13 additions and 0 deletions
--- a/files/netdata/docker-compose.yml.j2
+++ b/files/netdata/docker-compose.yml.j2
@ -26,9 +26,11 @@ services:
      - "/run/dbus:/run/dbus:ro"
      - "/sys:/host/sys:ro"
      - "/var/log:/host/var/log:ro"
+      - "/var/run:/host/var/run:ro"
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
    environment:
      PGID: "{{ netdata_docker_group_output.stdout | default(999) }}"
+      NETDATA_EXTRA_DEB_PACKAGES: "fail2ban"

 networks:
  {{ web_proxy_network }}:
--- a/files/netdata/go.d/fail2ban.conf
+++ b/files/netdata/go.d/fail2ban.conf
@ -0,0 +1,3 @@
+jobs:
+  - name: fail2ban
+    update_every: 5  # Collect Fail2Ban jails statistics every 5 seconds
--- a/playbook-netdata.yml
+++ b/playbook-netdata.yml
@ -50,6 +50,14 @@
        group: "{{ app_user }}"
        mode: "0640"

+    - name: "Copy fail2ban plugin config file"
+      ansible.builtin.copy:
+        src: "files/{{ app_name }}/go.d/fail2ban.conf"
+        dest: "{{ config_go_d_dir }}/fail2ban.conf"
+        owner: "{{ app_user }}"
+        group: "{{ app_user }}"
+        mode: "0640"
+
    - name: "Grab docker group id."
      ansible.builtin.shell:
        cmd: |