Fixed fail2ban and replaced cent8 with el8

CMS/nextcloud/conf.sh

@@ -39,7 +39,7 @@ EOF
 #Setting Permsissions
 chown "$sitename":"$sitename" -R /var/www/"$domain"/html
 
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
     #Setting SeLiux perms for centos
     semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
     restorecon -vr /var/www/ > $OUTPUT 2>&1

CMS/none/conf.sh

@@ -18,7 +18,7 @@ echo "<html><head></head><body>$webserv has been succsefully installed by the Wi
 #Setting Permsissions
 chown "$sitename":"$sitename" -R /var/www/"$domain"/html
 
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
     #Setting SeLiux perms for centos
     semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
     restorecon -vr /var/www/ > $OUTPUT 2>&1

CMS/wordpress/conf.sh

@@ -48,7 +48,7 @@ fi
 #Setting Permsissions
 chown "$sitename":"$sitename" -R /var/www/"$domain"/html
 
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
     #Setting SeLiux perms for centos
     semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/$domain/html(/.*)?" > $OUTPUT 2>&1
     restorecon -vr /var/www/ > $OUTPUT 2>&1

CoreModules/generic/conf.sh

@@ -1,7 +1,7 @@
 ##----------##
 #   Centos   #
 ##----------##
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
     #SeLinux
     semanage port -a -t ssh_port_t -p tcp 4242
     systemctl enable ufw > $OUTPUT 2>&1
@@ -14,7 +14,7 @@ fi
 #   UFW   #
 ##-------##
 
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
     sed -i -e '/tuple/d' -e '/dapp/d' /usr/share/ufw/iptables/user.rules
     sed -i -e '/tuple/d' -e '/dapp/d' /usr/share/ufw/iptables/user6.rules
     echo "y" | ufw reset > $OUTPUT 2>&1
@@ -42,6 +42,15 @@ curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fai
 curl --retry 7 --retry-delay 5 -s https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-hard.conf -o /etc/fail2ban/filter.d/wordpress-hard.local
 curl --retry 7 --retry-delay 5 -s https://plugins.svn.wordpress.org/wp-fail2ban/trunk/filters.d/wordpress-soft.conf -o /etc/fail2ban/filter.d/wordpress-soft.local
 
+if [ "$shortdist" = "el8" ]; then
+    curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Filters/action.d/ufw.conf -o /etc/fail2ban/action.d/ufw.conf
+    ln -s /var/log/secure /var/log/auth.log
+fi
+
+#Start fail2ban service
+systemctl start fail2ban
+systemctl enable fail2ban
+
 #General jails
 rm /etc/fail2ban/jail.d/*
 curl --retry 7 --retry-delay 5 -s "$repo"/raw/"$branchtype"/"$branch"/config/fail2ban/Jails/sshd.jail -o /etc/fail2ban/jail.d/sshd.local

CoreModules/generic/preconf.sh

@@ -31,7 +31,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$osrel" = "ubu2004" ] || [ "$osrel" = "deb
     if dpkg-query -Wf'${db:Status-abbrev}' postfix 2>/dev/null | grep -q '^i'; then apt purge -y postfix > $OUTPUT 2>&1; fi
 
 
-elif [ "$shortdist" = "cent8" ]; then
+elif [ "$shortdist" = "el8" ]; then
 ################
 #    Centos    #
 ################

Scripts/GeneratePhplist.sh

@@ -7,7 +7,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$osrel" = "ubu2004" ] || [ "$osrel" = "deb
     phpMainConf=/etc/php/${phpver}/fpm/php.ini
     phpFPMService=php${phpver}-fpm
 
-elif [ "$shortdist" = "cent8" ]; then
+elif [ "$shortdist" = "el8" ]; then
 # Centos Php variable
     phpPoolDir=/etc/opt/remi/php${phpver//.}/php-fpm.d/
     phpPkgName=php${phpver//.}-php

Scripts/SMI.sh

@@ -50,7 +50,7 @@ elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then
  PKGM="dnf"
  PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y"
  PKGLIST="dnf"
- shortdist=cent8
+ shortdist=el8
  echo "This OS is not supported"
  exit
 else

SubModules/php-fpm/conf.sh

@@ -15,7 +15,7 @@ sed -i 's/upload_max_filesize = 2/upload_max_filesize = 128/g' "$phpMainConf"
 sed -i 's/post_max_size = 8/post_max_size = 64/g' "$phpMainConf"
 
 
-if [ "$shortdist" = "cent8" ]; then
+if [ "$shortdist" = "el8" ]; then
 # Centos Mysql config
 echo "pdo_mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini
 echo "mysql.default_socket = '/var/run/mysqld/mysqld.sock'" >> /etc/opt/remi/php${phpver//.}/php.d/60-mysql_sock.ini

SubModules/php-fpm/preconf.sh

@@ -5,7 +5,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$osrel" = "ubu2004" ] || [ "$osrel" = "deb
     phpMainConf=/etc/php/${phpver}/fpm/php.ini
     phpFPMService=php${phpver}-fpm
 
-elif [ "$shortdist" = "cent8" ]; then
+elif [ "$shortdist" = "el8" ]; then
 # Centos Php variable
     phpPoolDir=/etc/opt/remi/php${phpver//.}/php-fpm.d/
     phpPkgName=php${phpver//.}-php

SubModules/redis/preconf.sh

@@ -4,7 +4,7 @@ if [ "$shortdist" = "ubu1804" ] || [ "$osrel" = "ubu2004" ] || [ "$osrel" = "deb
 # Debian/Ubunbtu redis variables
     redisService=redis-server
 
-elif [ "$shortdist" = "cent8" ]; then
+elif [ "$shortdist" = "el8" ]; then
 # Centos redis variable
     redisService=redis
 fi

config/fail2ban/action.d/ufw.conf

@@ -0,0 +1,42 @@
+# Fail2Ban action configuration file for ufw
+#
+# You are required to run "ufw enable" before this will have any effect.
+#
+# The insert position should be appropriate to block the required traffic.
+# A number after an allow rule to the application won't be of much use.
+
+[Definition]
+
+actionstart = 
+
+actionstop = 
+
+actioncheck = 
+
+actionban = [ -n "<application>" ] && app="app <application>"
+            ufw insert <insertpos> <blocktype> from <ip> to <destination> $app
+
+actionunban = [ -n "<application>" ] && app="app <application>"
+              ufw delete <blocktype> from <ip> to <destination> $app
+
+[Init]
+# Option: insertpos
+# Notes.:  The position number in the firewall list to insert the block rule
+insertpos = 1
+
+# Option: blocktype
+# Notes.: reject or deny
+blocktype = reject
+
+# Option: destination
+# Notes.: The destination address to block in the ufw rule
+destination = any
+
+# Option: application
+# Notes.: application from sudo ufw app list
+application = 
+
+# DEV NOTES:
+# 
+# Author: Guilhem Lettron
+# Enhancements: Daniel Black

installer.sh

@@ -63,7 +63,7 @@ elif [[ "${dist}" == *"centos"* ]] && [[ "${dist_ver}" == *"8"* ]]; then
  PKGUP="$PKGM update -y"
  PKGI="${PKGM} install --setopt=install_weak_deps=False --best -y"
  PKGLIST="dnf"
- shortdist=cent8
+ shortdist=el8
  echo "The support for this os is being worked on"
 else
  echo "This os in not supported"