使用fabric远程部署fail2ban-python

脚本示例

# -*- coding:utf-8 -*-
from fabric.api import *

env.hosts = ['主机ip']
env.port = 50022
env.user = 'root'
env.password = '用户密码'

@task
def install_fail2ban():
    sudo('apt-get update')
    sudo('apt-get upgrade')
    sudo('apt-get install fail2ban -y')
    sudo('systemctl start fail2ban')
    sudo('systemctl enable fail2ban')
    put(remote_path='/etc/fail2ban/jail.local', local_path='jail.local')
    sudo('systemctl restart fail2ban')

执行方式

fab -f auto_fail2ban.py install_fail2ban

jail.local 文件内容

[sshd]
enabled = true
port = 50022
filter = sshd
logpath = /var/log/auth.log
maxretry = 3