From 4ae06158f3099cd64fe585aac07a81e4528c5f9f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?M=C4=83rcziem=20=E2=84=A2?=
 <118485377+spalencsar@users.noreply.github.com>
Date: Mon, 6 Oct 2025 11:37:43 +0200
Subject: [PATCH] Add specific journalmatch for openSUSE Fail2ban systemd
 backend

---
 lib/security.sh | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/security.sh b/lib/security.sh
index b293025..ae18ad5 100644
--- a/lib/security.sh
+++ b/lib/security.sh
@@ -51,7 +51,22 @@ maxretry = 3
 [sshd]
 enabled = true
 port = ${DEFAULT_SSH_PORT:-22}
-backend = systemd
+EOF
+
+    # Configure backend based on distribution
+    case $DISTRO in
+        opensuse)
+            # Use journald backend for openSUSE
+            echo "backend = systemd" | sudo tee -a /etc/fail2ban/jail.local
+            echo "journalmatch = _SYSTEMD_UNIT=sshd.service" | sudo tee -a /etc/fail2ban/jail.local
+            ;;
+        *)
+            # Use systemd backend for other distributions
+            echo "backend = systemd" | sudo tee -a /etc/fail2ban/jail.local
+            ;;
+    esac
+
+    sudo tee -a /etc/fail2ban/jail.local > /dev/null <<EOF
 EOF
 
     # Add distribution-specific log path for SSH