mirror/Fail2Ban-Report
1
0
Fork 0
mirror of https://github.com/SubleXBle/Fail2Ban-Report.git synced 2026-02-12 03:38:45 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
1268b87dfc068eae7cbfcf00d2d4a6bc40e81e32
Fail2Ban-Report/installer-setup.md
SubleXBle 1268b87dfc Update installer-setup.md
2025-07-30 18:43:02 +02:00

154 lines
4.8 KiB
Markdown
Raw Blame History

# Fail2Ban-Report Installer Setup Guide
## Introduction
This document explains the interactive steps and choices presented to you during the Fail2Ban-Report automatic installation process. It also describes what the installer does behind the scenes to set up the tool properly.
---
## Installer Interactive Questions and Options
### 1. Web Root Directory
- **Prompt:**
`Please enter the installation directory for the web tool (default: /var/www/html):`
- **Purpose:**
This is where the web interface files of Fail2Ban-Report will be installed.
Press **Enter** to accept the default or specify a custom path if your web server uses a different document root.
---
### 2. Shell Scripts Directory
- **Prompt:**
`Please enter the directory to store shell scripts (default: /opt/Fail2Ban-Report):`
- **Purpose:**
The two main shell scripts (`fail2ban_log2json.sh` and `firewall-update.sh`) will be copied here.
This directory should be outside the web root for security reasons.
Press **Enter** to accept the default or specify a custom path.
---
### 3. Git Availability and Download Method
- The installer checks if `git` is installed.
- If **git is not found**, you will be asked:
`Would you like to download the repository as a ZIP archive using wget instead? (Y/N):`
- If you answer **yes**, the installer will download and extract the ZIP archive using `wget` and `unzip`.
- If you answer **no**, the installation will abort because one of these methods is required.
---
### 4. jq Installation
- The installer checks if the JSON processor tool `jq` is installed.
- If **not found**, you will be prompted:
`Would you like to install jq now? (Y/N):`
- If you choose **yes**, the script attempts to install `jq` using your package manager (`apt`, `dnf`, or `pacman`).
- If you choose **no** or your package manager is unsupported, installation will stop, since `jq` is required.
---
### 5. AbuseIPDB Reputation Reporting (Optional)
- You will see an informational message about the AbuseIPDB feature that allows IP reputation lookups.
- You will be asked:
`Would you like to enable AbuseIPDB support? (Y/N):`
- If **yes**, you will be prompted to enter your AbuseIPDB API key:
`Please enter your AbuseIPDB API key (or leave blank to add later):`
- If you enter a key, it will be saved in the config automatically.
- If left blank, the config will enable reporting but without an API key; you must add it manually later.
- If you answer **no**, the config file will disable reporting completely.
---
### 6. Cronjob Installation for fail2ban_log2json.sh
- The installer will ask:
`Install daily cronjob for fail2ban_log2json.sh at 3 AM? (Y/N):`
- If **yes**, a daily cronjob running at 3 AM will be created.
- If **no**, no cronjob is installed for this script.
---
### 7. Cronjob Installation for firewall-update.sh
- You will be asked to select how often to run the firewall update script:
Please select how often the firewall-update.sh cronjob should run:
```
Every 5 minutes
Every 15 minutes
Do not install cronjob
Enter your choice [1-3]:
```
- Based on your choice, the cronjob will be installed or skipped.
---
## What the Installer Does
- **Repository Setup:**
Clones or downloads the Fail2Ban-Report repository into the chosen web root directory.
- **Dependency Handling:**
Checks for `jq` and installs it if requested.
- **Script Deployment:**
Copies `fail2ban_log2json.sh` and `firewall-update.sh` into the chosen scripts directory, sets executable permissions, and configures internal paths.
- **Config File Generation:**
Creates a `.config` file in the scripts directory to enable or disable AbuseIPDB reporting, including your API key if provided.
- **Permissions:**
Sets ownership of the web directory files to `www-data:www-data`.
- **Cleanup:**
Removes shell scripts from the web directory for security and deletes the installer script after successful completion.
- **Cronjob Setup:**
Adds cronjobs for automatic execution of the log parser and firewall updater, based on your choices.
---
## Important Notes
- The shell scripts **must not** be located inside the web root for security reasons.
- Cronjobs involving firewall updates should run with root privileges.
- You need to manually secure the web directory by configuring the `.htaccess` file as included in the repository.
- The AbuseIPDB feature requires a valid API key for functionality.
---
## After Installation
- ⚠️ Make sure that the directory is inacessible for others ⚠️
- Verify that your web server serves the Fail2Ban-Report directory correctly.
- Access the Fail2Ban-Report web interface via your browser.
- Confirm that cronjobs are running and updating the data and firewall rules as expected.
---
Thank you for choosing Fail2Ban-Report!
Reference in New Issue View Git Blame Copy Permalink