Add documentation.

0.10.2/README.apt-install

@@ -0,0 +1,14 @@
+
+# - Debian stretch: 
+# -    Download via package system
+# -
+#echo "deb tor+http://ncomputers.org/debian stretch main" > /etc/apt/sources.list.d/ncomputers.org-stretch.list
+echo "deb http://ncomputers.org/debian stretch main" > /etc/apt/sources.list.d/ncomputers.org-stretch.list
+
+# - Debian stretch:
+# -    Install via package system
+# -
+apt-get update
+apt-get install ncomputers.org-keyring
+apt-get update
+apt-get install fail2ban

0.10.2/README.install

@@ -1,7 +0,0 @@
-
-echo "deb tor+http://ncomputers.org/debian stretch main" > /etc/apt/sources.list.d/ncomputers.org-stretch.list
-echo "deb http://ncomputers.org/debian stretch main" > /etc/apt/sources.list.d/ncomputers.org-stretch.list
-apt-get update
-apt-get install ncomputers.org-keyring
-apt-get update
-

0.10.2/README.logrotate

@@ -0,0 +1,22 @@
+# - Configure logrotate
+# -
+cat << EOF > /etc/logrotate.d/fail2ban
+/var/log/fail2ban.log {
+
+    daily
+    rotate 7
+    compress
+
+    delaycompress
+    missingok
+    postrotate
+      fail2ban-client flushlogs 1>/dev/null
+    endscript
+
+    # If fail2ban runs as non-root it still needs to have write access
+    # to logfiles.
+    # create 640 fail2ban adm
+    create 640 root adm
+}
+EOF
+

0.10.2/README.src-install

@@ -0,0 +1,70 @@
+# - Install required debian packages
+# -
+apt-get update
+apt-get install python3
+apt-get install python3-pyinotify python-pyinotify
+apt-get install gamin
+apt-get install python-dnspython python3-dnspython
+
+# - Download sources via git
+# -
+mkdir -p /usr/local/src/install
+cd /usr/local/src/install
+git clone -b 0.10 https://github.com/fail2ban/fail2ban.git
+
+# - Install fail2ban
+# -
+cd fail2ban
+python setup.py install
+
+
+# - Configure logrotate
+# -
+cat << EOF > /etc/logrotate.d/fail2ban
+/var/log/fail2ban.log {
+
+    daily
+    rotate 7
+    compress
+
+    delaycompress
+    missingok
+    postrotate
+      fail2ban-client flushlogs 1>/dev/null
+    endscript
+
+    # If fail2ban runs as non-root it still needs to have write access
+    # to logfiles.
+    # create 640 fail2ban adm
+    create 640 root adm
+}
+EOF
+
+
+# - Configure  fail2ban as systemd service
+# -
+cat << EOF > /etc/systemd/system/fail2ban.service
+[Unit]
+Description=Fail2Ban Service
+Documentation=man:fail2ban(1)
+After=network.target iptables.service firewalld.service ip6tables.service ipset.service
+PartOf=iptables.service firewalld.service ip6tables.service ipset.service
+
+[Service]
+Type=simple
+ExecStartPre=/bin/mkdir -p /var/run/fail2ban
+ExecStart=/usr/local/bin/fail2ban-server -xf start
+# if should be logged in systemd journal, use following line or set logtarget to sysout in fail2ban.local
+# ExecStart=/usr/local/bin/fail2ban-server -xf --logtarget=sysout start
+ExecStop=/usr/local/bin/fail2ban-client stop
+ExecReload=/usr/local/bin/fail2ban-client reload
+PIDFile=/var/run/fail2ban/fail2ban.pid
+Restart=on-failure
+RestartPreventExitStatus=0 255
+
+[Install]
+WantedBy=multi-user.target
+EOF
+
+systemctl daemon-reload
+systemctl enable fail2ban.service

0.10.2/README.sytemd

@@ -26,3 +26,24 @@ EOF
 
 systemctl daemon-reload
 systemctl enable fail2ban.service
+
+# - An alternative systemd configuration
+# -
+cat << EOF > /etc/systemd/system/fail2ban.service
+[Unit]
+Description=Fail2Ban Service
+Documentation=man:fail2ban(1)
+After=network.target iptables.service firewalld.service
+PartOf=iptables.service firewalld.service
+
+[Service]
+Type=forking
+ExecStart=/usr/bin/fail2ban-client -x start
+ExecStop=/usr/bin/fail2ban-client stop
+ExecReload=/usr/bin/fail2ban-client reload
+PIDFile=/var/run/fail2ban/fail2ban.pid
+Restart=always
+
+[Install]
+WantedBy=multi-user.target
+EOF