mirror/Fail2Ban-Report
1
0
Fork 0
mirror of https://github.com/SubleXBle/Fail2Ban-Report.git synced 2026-02-10 19:00:27 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
5f1a6fdb5300a4246f7641a6faaea20d2f548cf1
Fail2Ban-Report/installer-setup.md
SubleXBle 6c07fef988 Update installer-setup.md 
changed installer-setup.md to fit to the changes made in 0.2.2
2025-08-02 14:12:45 +02:00

5.5 KiB
Raw Blame History

Fail2Ban-Report Installer Setup Guide

Introduction

This document explains the interactive steps and choices presented to you during the Fail2Ban-Report automatic installation process. It also describes what the installer does behind the scenes to set up the tool properly, including creation and configuration of the mandatory config file.

Installer Interactive Questions and Options

1. Web Root Directory

  • Prompt:
    Please enter the installation directory for the web tool (default: /var/www/html):

  • Purpose:
    This is where the web interface files of Fail2Ban-Report will be installed.
    Press Enter to accept the default or specify a custom path if your web server uses a different document root.

2. Shell Scripts Directory

  • Prompt:
    Please enter the directory to store shell scripts (default: /opt/Fail2Ban-Report):

  • Purpose:
    The two main shell scripts (fail2ban_log2json.sh and firewall-update.sh) will be copied here.
    This directory should be outside the web root for security reasons.
    Press Enter to accept the default or specify a custom path.

3. Git Availability and Download Method

  • The installer checks if git is installed.

  • If git is not found, you will be asked:
    Would you like to download the repository as a ZIP archive using wget instead? (Y/N):

  • If you answer yes, the installer will download and extract the ZIP archive using wget and unzip.

  • If you answer no, the installation will abort because one of these methods is required.

4. jq Installation

  • The installer checks if the JSON processor tool jq is installed.

  • If not found, you will be prompted:
    Would you like to install jq now? (Y/N):

  • If you choose yes, the script attempts to install jq using your package manager (apt, dnf, or pacman).

  • If you choose no or your package manager is unsupported, installation will stop, since jq is required.

5. Fail2Ban-Report Config File Setup (Mandatory)

  • The installer always creates or overwrites the config file located inside the shell scripts directory (e.g. /opt/Fail2Ban-Report/fail2ban-report.config).

  • You will be prompted to configure the following mandatory setting:

    How many days of daily reports should be shown in the main interface? (default: 7)

  • The value you enter is saved under the section:

[Fail2Ban-Daily-List-Settings]
max_display_days=VALUE
  • This setting controls how many days are shown in the “Select Date” dropdown in the web interface.

6. AbuseIPDB Reputation Reporting (Optional)

  • You will see an informational message about the AbuseIPDB feature that allows IP reputation lookups.

  • You will be asked:
    Would you like to enable AbuseIPDB support? (Y/N):

  • If yes, you will be prompted to enter your AbuseIPDB API key:
    Please enter your AbuseIPDB API key (or leave blank to add later):

  • If you enter a key, it will be saved in the config automatically.

  • If left blank, the config will enable reporting but without an API key; you must add it manually later.

  • If you answer no, the config file will disable reporting completely.

7. Cronjob Installation for fail2ban_log2json.sh

  • The installer will ask:
    Install daily cronjob for fail2ban_log2json.sh at 3 AM? (Y/N):

  • If yes, a daily cronjob running at 3 AM will be created.

  • If no, no cronjob is installed for this script.

8. Cronjob Installation for firewall-update.sh

  • You will be asked to select how often to run the firewall update script:

Please select how often the firewall-update.sh cronjob should run:

Every 5 minutes

Every 15 minutes

Do not install cronjob
Enter your choice [1-3]:
  • Based on your choice, the cronjob will be installed or skipped.

What the Installer Does

  • Repository Setup:
    Clones or downloads the Fail2Ban-Report repository into the chosen web root directory.

  • Dependency Handling:
    Checks for jq and installs it if requested.

  • Script Deployment:
    Copies fail2ban_log2json.sh and firewall-update.sh into the chosen scripts directory, sets executable permissions, and configures internal paths.

  • Config File Generation:
    Creates a mandatory .config file in the scripts directory with your settings including max display days and AbuseIPDB options.

  • Permissions:
    Sets ownership of the web directory files to www-data:www-data.

  • Cleanup:
    Removes shell scripts from the web directory for security and deletes the installer script after successful completion.

  • Cronjob Setup:
    Adds cronjobs for automatic execution of the log parser and firewall updater, based on your choices.

Important Notes

  • The shell scripts must not be located inside the web root for security reasons.

  • Cronjobs involving firewall updates should run with root privileges.

  • You need to manually secure the web directory by configuring the .htaccess file as included in the repository.

  • The AbuseIPDB feature requires a valid API key for functionality.

  • The config file path is dynamically referenced by PHP scripts, so if you move the config, update the PHP files accordingly.

After Installation

  • ⚠️ Make sure that the directory is inaccessible for unauthorized users ⚠️

  • Verify that your web server serves the Fail2Ban-Report directory correctly.

  • Access the Fail2Ban-Report web interface via your browser.

  • Confirm that cronjobs are running and updating the data and firewall rules as expected.

Thank you for choosing Fail2Ban-Report!

Reference in New Issue View Git Blame Copy Permalink