- I want to change the variable "enabled" in jail.conf of Fail2ban according to the status of Proftpd on the agent machine.
- Ex: If on the agent machine, Proftpd is running, "enable = true" (Fail2ban will monitor Proftpd) If Proftpd is stopped, "enable = false" (Fail2ban won't monitor Proftpd)
My init.pp file :
class fail2ban { package { "fail2ban": ensure => "installed", }
service { "fail2ban": ensure => "running", enable => "true", require => Package["fail2ban"], } $path = "/var/run/proftpd.pid" $status = inline_template("<% if File.exist?(@path) -%>true<% else -%>false<%end -%>") file { "jail.conf": path => '/etc/fail2ban/jail.conf', ensure => file, require => Package['fail2ban'], content => template("fail2ban/jail.conf.erb"), notify => Service['fail2ban'], }
My template jail.conf.erb file:
[proftpd]
enabled = <%= $status %>
port = ftp,ftp-data,ftps,ftps-data
filter = proftpd
logpath = /var/log/proftpd/proftpd.log
maxretry = 5
The problem is that my "enabled" result is according to the check on Puppet Master, not the agent machine, while I need to do the check on the agent machine.
Can anyone help me ?