From 4c83ae0e7e87f477f503a623b2d7424148a043b8 Mon Sep 17 00:00:00 2001
From: Eesaan Atluri <atlurie@uab.edu>
Date: Thu, 23 Jan 2025 16:06:00 -0500
Subject: [PATCH] feat: Add ban duration for the failtoban plugin

---
 group_vars/all                                 | 1 +
 roles/ssh_proxy/templates/sshpiperd.service.j2 | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/group_vars/all b/group_vars/all
index 9073d83a..0a7e36bf 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -353,6 +353,7 @@
   sshpiper_version: "feat-routing-by-group"
   sshpiper_dest_dir: "/opt/sshpiper"
   sshpiper_bin_dir: "{{ sshpiper_dest_dir }}/out"
+  sshpiper_bantime: 1200
 
 # http_proxy
   enable_http_proxy: false
diff --git a/roles/ssh_proxy/templates/sshpiperd.service.j2 b/roles/ssh_proxy/templates/sshpiperd.service.j2
index 14553e86..848def41 100644
--- a/roles/ssh_proxy/templates/sshpiperd.service.j2
+++ b/roles/ssh_proxy/templates/sshpiperd.service.j2
@@ -4,7 +4,7 @@ After=network.target
 
 [Service]
 Type=simple
-ExecStart= {{ sshpiper_bin_dir }}/sshpiperd -p 22 --log-level=trace {{ sshpiper_bin_dir }}/yaml --config {{ sshpiper_dest_dir }}/sshpiperd.yaml --no-check-perm -- {{ sshpiper_bin_dir }}/failtoban
+ExecStart= {{ sshpiper_bin_dir }}/sshpiperd -p 22 --log-level=trace {{ sshpiper_bin_dir }}/yaml --config {{ sshpiper_dest_dir }}/sshpiperd.yaml --no-check-perm -- {{ sshpiper_bin_dir }}/failtoban --ban-duration {{ sshpiper_bantime }}
 Restart=on-failure
 User=root