Add fail2ban checks for owncloud

conf/fail2ban/jail.local

@@ -40,6 +40,14 @@ logpath  = /var/log/roundcubemail/errors
 maxretry = 20
 findtime = 30
 
+[owncloud]
+enabled  = true
+port     = http,https
+filter   = owncloud
+logpath  = /home/user-data/owncloud/owncloud.log
+maxretry = 20
+findtime = 30
+
 [recidive]
 enabled  = true
 maxretry = 10

conf/fail2ban/owncloud.conf

@@ -0,0 +1,3 @@
+[Definition]
+failregex=Login failed: .*Remote IP: '<HOST>[\)']
+ignoreregex =

setup/owncloud.sh

@@ -163,7 +163,10 @@ fi
 #   so set it here. It also can change if the box's PRIMARY_HOSTNAME changes, so
 #   this will make sure it has the right value.
 # * Some settings weren't included in previous versions of Mail-in-a-Box.
+# * We need to set the timezone to the system timezone to allow fail2ban to ban
+#   users within the proper timeframe
 # Use PHP to read the settings file, modify it, and write out the new settings array.
+TIMEZONE=$(cat /etc/timezone)
 CONFIG_TEMP=$(/bin/mktemp)
 php <<EOF > $CONFIG_TEMP && mv $CONFIG_TEMP $STORAGE_ROOT/owncloud/config.php;
 <?php
@@ -175,6 +178,8 @@ include("$STORAGE_ROOT/owncloud/config.php");
 \$CONFIG['overwrite.cli.url'] = '/cloud';
 \$CONFIG['mail_from_address'] = 'administrator'; # just the local part, matches our master administrator address
 
+\$CONFIG['logtimezone'] = '$TIMEZONE';
+
 echo "<?php\n\\\$CONFIG = ";
 var_export(\$CONFIG);
 echo ";";

setup/system.sh

@@ -234,4 +234,5 @@ cat conf/fail2ban/jail.local \
 cp conf/fail2ban/dovecotimap.conf /etc/fail2ban/filter.d/dovecotimap.conf
 cp conf/fail2ban/miab-management-daemon.conf /etc/fail2ban/filter.d/miab-management-daemon.conf
 cp conf/fail2ban/roundcube.conf /etc/fail2ban/filter.d/roundcube.conf
+cp conf/fail2ban/owncloud.conf /etc/fail2ban/filter.d/owncloud.conf
 restart_service fail2ban