Fail2Ban: Align logrotate count & interval (#3915)

CHANGELOG.md

@@ -66,6 +66,7 @@ The most noteworthy change of this release is the update of the container's base
 
 - **Environment Variables:**
   - `LOGROTATE_COUNT` defines the number of files kept by logrotate ([#3907](https://github.com/docker-mailserver/docker-mailserver/pull/3907))
+    - The fail2ban log file is now also taken into account by `LOGROTATE_COUNT` and `LOGROTATE_INTERVAL` ([#3915](https://github.com/docker-mailserver/docker-mailserver/pull/3915))
 
 ### Updates
 

target/scripts/startup/setup.d/security/misc.sh

@@ -189,14 +189,17 @@ function __setup__security__fail2ban() {
     _log 'debug' 'Enabling and configuring Fail2Ban'
 
     if [[ -e /tmp/docker-mailserver/fail2ban-fail2ban.cf ]]; then
+      _log 'trace' 'Custom fail2ban-fail2ban.cf found'
       cp /tmp/docker-mailserver/fail2ban-fail2ban.cf /etc/fail2ban/fail2ban.local
     fi
 
     if [[ -e /tmp/docker-mailserver/fail2ban-jail.cf ]]; then
+      _log 'trace' 'Custom fail2ban-jail.cf found'
       cp /tmp/docker-mailserver/fail2ban-jail.cf /etc/fail2ban/jail.d/user-jail.local
     fi
 
     if [[ ${FAIL2BAN_BLOCKTYPE} != 'reject' ]]; then
+      _log 'trace' "Setting fail2ban blocktype to 'drop'"
       echo -e '[Init]\nblocktype = drop' >/etc/fail2ban/action.d/nftables-common.local
     fi
 
@@ -205,6 +208,9 @@ function __setup__security__fail2ban() {
     _log 'debug' 'Fail2Ban is disabled'
     rm -f /etc/logrotate.d/fail2ban
   fi
+  _log 'trace' 'Configuring fail2ban logrotate rotate count and interval'
+  sedfile -i "s|rotate 4$|rotate ${LOGROTATE_COUNT}|" /etc/logrotate.d/fail2ban
+  sedfile -i "s|weekly$|${LOGROTATE_INTERVAL}|"       /etc/logrotate.d/fail2ban
 }
 
 function __setup__security__amavis() {