summaryrefslogtreecommitdiffstats
path: root/roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf
diff options
context:
space:
mode:
Diffstat (limited to 'roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf')
-rw-r--r--roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf5
1 files changed, 4 insertions, 1 deletions
diff --git a/roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf b/roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf
index e3e651f..b34d130 100644
--- a/roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf
+++ b/roles/common/files/etc/systemd/system/fail2ban.service.d/override.conf
@@ -2,13 +2,16 @@
After=nftables.service
[Service]
+ExecStartPre=
+ExecStart=
+ExecStart=/usr/bin/fail2ban-server -xf --logtarget=sysout start
+
# Need explicit rights to read logs as we don't grant CAP_DAC_READ_SEARCH
SupplementaryGroups=adm
# Hardening
NoNewPrivileges=yes
ProtectSystem=strict
-ReadWriteDirectories=/var/log/fail2ban
RuntimeDirectory=fail2ban
PrivateDevices=yes
ProtectControlGroups=yes
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-20 15:39:42 +0000