Fix Fail2ban recidive jail logpath and re-enable on openSUSE

2025-10-06 11:44:06 +02:00
parent fc26c8e839
commit 3344620824
2 changed files with 6 additions and 7 deletions
--- a/lib/performance.sh
+++ b/lib/performance.sh
@@ -339,15 +339,13 @@ perform_health_check() {
        echo
        
        echo "=== Security Status ==="
-        # Check Fail2ban if SSH was configured (which includes Fail2ban) and not openSUSE
-        if [[ "${CONFIGURE_SSH:-true}" == "true" && "$DISTRO" != "opensuse" ]]; then
+        # Check Fail2ban if SSH was configured (which includes Fail2ban)
+        if [[ "${CONFIGURE_SSH:-true}" == "true" ]]; then
            if systemctl is-active --quiet fail2ban; then
                echo "✅ Fail2ban: Active"
            else
                echo "❌ Fail2ban: Inactive"
            fi
-        elif [[ "$DISTRO" == "opensuse" ]]; then
-            echo "ℹ️ Fail2ban: Not available on openSUSE (compatibility issues)"
        else
            echo "ℹ️ Fail2ban: Not configured"
        fi
--- a/lib/security.sh
+++ b/lib/security.sh
@@ -31,9 +31,9 @@ install_fail2ban() {
            ;;
        opensuse)
            handle_error sudo zypper install -y fail2ban
-            # On openSUSE, Fail2ban has issues with systemd backend, skip it for now
-            log_warning "Fail2ban on openSUSE may have compatibility issues. Consider manual configuration."
-            return 0
+            # On openSUSE, create a basic log file for Fail2ban to monitor
+            sudo touch /var/log/fail2ban.log
+            sudo chmod 644 /var/log/fail2ban.log
            ;;
        *)
            log_error "Unsupported Linux distribution: $DISTRO"
@@ -129,6 +129,7 @@ enabled = false

 [recidive]
 enabled = true
+logpath = /var/log/fail2ban.log
 EOF

    handle_error sudo systemctl enable fail2ban