diff --git a/ChangeLog b/ChangeLog index a87cc00f..957d927d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -106,6 +106,7 @@ ver. 1.1.1-dev-1 (20??/??/??) - development nightly edition * `action.d/nftables.conf` (gh-3291): - new parameter `addr_options` for addr-set (default `flags interval\;`, allows to store CIDR or address ranges); can be set to empty value to create simple addresses set (restore previous behavior). +* `action.d/ntfy.conf` - new action for sending push notifications with ntfy.sh * `action.d/firewallcmd-rich-*.conf` - fixed incorrect quoting, disabling port variable expansion by substitution of rich rule (gh-3815) * `filter.d/dovecot.conf`: diff --git a/config/action.d/ntfy.conf b/config/action.d/ntfy.conf new file mode 100644 index 00000000..b06c11d0 --- /dev/null +++ b/config/action.d/ntfy.conf @@ -0,0 +1,84 @@ +# Fail2Ban configuration file +# +# Action to send push notifications with ntfy via ntfy.sh or your own ntfy server +# +# Author: Dennis Schmidt +# +# Example (ban & notify): +# +# action = %(action_)s +# ntfy[ntfyurl="%(ntfyurl)s", ntfytopic="%(ntfytopic)s", ntfytoken="%(ntfytoken)s", ntfypriority="%(ntfypriority)s"] +# + +[Definition] + +# bypass ban/unban for restored tickets +norestored = 1 + +# Option: actionstart +# Notes.: command executed on demand at the first ban (or at the start of Fail2Ban if actionstart_on_demand is set to false). +# Values: CMD +# +actionstart = curl -f -s \ + -H 'Authorization: Bearer ' \ + -H 'Tags: information_source' \ + -H 'Title: Fail2Ban - ' \ + -d 'The jail has been started successfully.' \ + / + +# Option: actionstop +# Notes.: command executed at the stop of jail (or at the end of Fail2Ban) +# Values: CMD +# +actionstop = curl -f -s \ + -H 'Authorization: Bearer ' \ + -H 'Tags: information_source' \ + -H 'Title: Fail2Ban - ' \ + -d 'The jail has been stopped.' \ + / + +# Option: actioncheck +# Notes.: command executed once before each actionban command +# Values: CMD +# +actioncheck = + +# Option: actionban +# Notes.: command executed when banning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Values: CMD +# +actionban = curl -f -s \ + -H 'Authorization: Bearer ' \ + -H "Priority: " \ + -H 'Tags: no_entry_sign' \ + -H 'Title: Fail2Ban - ' \ + -d 'The IP has just been banned after attempts against .' \ + / + +# Option: actionunban +# Notes.: command executed when unbanning an IP. Take care that the +# command is executed with Fail2Ban user rights. +# Values: CMD +# +actionunban = + +[Init] + +# ntfy server url +# +ntfyurl = https://ntfy.sh + +# ntfy topic +# +ntfytopic = alerts + +# ntfy token +# Use access token or leave empty if authentication not required +# +ntfytoken = + +# ntfy ban notification priority +# Options: max, high, default, low, min +# +ntfypriority = default