Merge pull request #12 from Materialistix/main

Update fail2ban-curl-allow SELinux Module to v1.1, improve systemd deployment docs & add missing import in client.go

deployment/fail2ban-curl-allow.te

@@ -1,11 +1,23 @@
-
-module fail2ban-curl-allow 1.0;
+# deployment/fail2ban-curl-allow.te
+module fail2ban-curl-allow 1.1;
 
 require {
-	type fail2ban_t;
-	type http_cache_port_t;
-	class tcp_socket name_connect;
+    type fail2ban_t;
+    type http_cache_port_t;
+    type var_run_t;
+    type etc_t;
+    type var_log_t;
+    class tcp_socket name_connect;
+    class file { read write open execute };
+    class dir { search read };
 }
 
 #============= fail2ban_t ==============
 allow fail2ban_t http_cache_port_t:tcp_socket name_connect;
+
+# Zusätzliche benötigte Berechtigungen
+allow fail2ban_t etc_t:file { read open };
+allow fail2ban_t var_log_t:file { read open };
+allow fail2ban_t var_run_t:file { read write open };
+allow fail2ban_t var_run_t:dir search;
+allow fail2ban_t etc_t:dir search;

deployment/systemd/README.md

@@ -26,7 +26,7 @@ Clone the repository to `/opt/fail2ban-ui`:
   ```bash
   sudo git clone https://github.com/swissmakers/fail2ban-ui.git /opt/fail2ban-ui
   cd /opt/fail2ban-ui
-  sudo go build -o fail2ban-ui ./cmd/main.go
+  sudo go build -o fail2ban-ui ./cmd/server/main.go
   ```
 
 ### Create the fail2ban-ui.service
@@ -39,6 +39,7 @@ After=network.target fail2ban.service
 Requires=fail2ban.service
 
 [Service]
+Type=simple
 WorkingDirectory=/opt/fail2ban-ui
 ExecStart=/opt/fail2ban-ui/fail2ban-ui
 Restart=always

internal/fail2ban/client.go

@@ -19,6 +19,7 @@ package fail2ban
 import (
 	"errors"
 	"fmt"
+	"os"
 	"os/exec"
 	"strings"
 	"time"