ADD some haproxy

ADD some influx
ADD fail2ban
2025-05-28 20:52:05 +03:00 · 2025-05-28 20:51:34 +03:00 · 2025-05-28 20:51:18 +03:00
3 changed files with 94 additions and 5 deletions
--- a/docs/Other/InfluxDB.md
+++ b/docs/Other/InfluxDB.md
@ -1,6 +1,6 @@
 ### Influx1.x

- `unflux` - подключиться
+- `unflux` - подключиться (`influx -ssl -host influx.mcarov.pro`)
 - `show databases` - список бд
 - `create database <db>` - создать бд
 - `drop database <db>` - удалить бд 
@ -30,6 +30,20 @@
 - `influxd backup -database mydb /path/to/backup` - резервное копирование бд 
 - `influxd restore -database mydb /path/to/backup` - восстановление бд

+#### HTTPS
+
+- `influxdb.conf`
+```conf
+[http]
+  # Determines whether HTTP endpoint is enabled.
+  # enabled = true
+  enabled = true
+  bind-address = ":8086"
+  https-enabled = true
+  https-certificate = "/etc/letsencrypt/live/influx.mcarov.pro/fullchain.pem"
+  https-private-key = "/etc/letsencrypt/live/influx.mcarov.pro/privkey.pem"
+```
+
 ### Influx2.x

 - `SHOW BUCKETS` - показать список бакетов
--- a/docs/Other/fail2ban.md
+++ b/docs/Other/fail2ban.md
@ -0,0 +1,77 @@
+### Установка
+
+```bash
+sudo apt update && sudo apt install fail2ban -y
+```
+### Настройка
+
+```bash
+# рекомендуется, но необязательно
+cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local 
+```
+
+- `vi /etc/fail2ban/jail.local`
+```bash
+[DEFAULT]
+ignoreip = 127.0.0.1/8 ::1
+
+[sshd]
+enabled = true
+port = 10001
+#Для Debian добавить:
+#backend = systemd
+# Если в течении 24 часов
+findtime = 86400
+# произведено 3 неудачных попытки логина,
+maxretry = 3
+# то банить IP навсегда.
+bantime = -1
+
+[nginx-bad-request]
+enabled = true
+port = http,https
+filter = nginx-bad-request
+logpath = /var/log/nginx/*access.log
+maxretry = 3
+findtime = 5m
+bantime = 24h
+
+[nginx-http-auth]
+enabled = true
+port = http,https
+filter = nginx-http-auth
+logpath = /var/log/nginx/*error.log
+maxretry = 3
+findtime = 5m
+bantime = 24h
+
+[nginx-botsearch]
+enabled = true
+port = http,https
+filter = nginx-botsearch
+logpath = /var/log/nginx/*access.log
+maxretry = 5
+findtime = 10m
+bantime = 24h
+
+[nginx-limit-req]
+enabled = true
+filter = nginx-limit-req
+logpath = /var/log/nginx/*error.log
+maxretry = 100
+findtime = 30
+bantime = 24h
+```
+
+- Проверка
+```bash 
+fail2ban-server -t
+fail2ban-client reload
+fail2ban-client status        
+fail2ban-client status sshd    # Статус защиты SSH
+fail2ban-client status nginx-bad-reauest
+fail2ban-client status nginx-botsearch
+fail2ban-client status nginx-http-auth
+fail2ban-client status nginx-limit-req
+tail -f /var/log/fail2ban.log 
+```
--- a/docs/Vebsrv/Haproxy.md
+++ b/docs/Vebsrv/Haproxy.md
@ -1,9 +1,7 @@
 ### Разное

-```bash
-haproxy -f /etc/haproxy/haproxy.cfg -c - тестируем
-systemctl reload haproxy - применяем
-```
+- `haproxy -f /etc/haproxy/haproxy.cfg -c` - тестируем
+- `systemctl reload haproxy` - применяем

 ---
Author	SHA1	Message	Date
ilyamak04	5f8444331a	ADD some haproxy All checks were successful Build MkDocs / build-and-deploy (push) Successful in 14s Details	2025-05-28 20:52:05 +03:00
ilyamak04	96b180c4ff	ADD some influx	2025-05-28 20:51:34 +03:00
ilyamak04	fa733107ba	ADD fail2ban	2025-05-28 20:51:18 +03:00