Compare commits
No commits in common. "229d6b9e1a0fec3f992c0de468f1e477dc4e5608" and "12b02bbaa30425a9d3a4231f7f5e0dd991e1b3f6" have entirely different histories.
229d6b9e1a
...
12b02bbaa3
18
flake.lock
generated
18
flake.lock
generated
@ -7,11 +7,11 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1639871969,
|
"lastModified": 1638553958,
|
||||||
"narHash": "sha256-6feWUnMygRzA9tzkrfAzpA5/NBYg75bkFxnqb1DtD7E=",
|
"narHash": "sha256-leETjYMtD9y37CvfRSQhIGibcIl4dNVlFkY/8QgqmAM=",
|
||||||
"owner": "rycee",
|
"owner": "rycee",
|
||||||
"repo": "home-manager",
|
"repo": "home-manager",
|
||||||
"rev": "697cc8c68ed6a606296efbbe9614c32537078756",
|
"rev": "6ce1d64073f48b9bc9425218803b1b607454c1e7",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -23,11 +23,11 @@
|
|||||||
},
|
},
|
||||||
"nixos-unstable": {
|
"nixos-unstable": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1639699734,
|
"lastModified": 1638806821,
|
||||||
"narHash": "sha256-tlX6WebGmiHb2Hmniff+ltYp+7dRfdsBxw9YczLsP60=",
|
"narHash": "sha256-v2qd2Bsmzft53s43eCbN+4ocrLksRdFLyF/MAGuWuDA=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "03ec468b14067729a285c2c7cfa7b9434a04816c",
|
"rev": "bc5d68306b40b8522ffb69ba6cff91898c2fbbff",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
@ -39,11 +39,11 @@
|
|||||||
},
|
},
|
||||||
"nixpkgs": {
|
"nixpkgs": {
|
||||||
"locked": {
|
"locked": {
|
||||||
"lastModified": 1639794673,
|
"lastModified": 1638887115,
|
||||||
"narHash": "sha256-bjauV0+Z4WmxeiHXecyiEOEwo+XysO6kx36beeatbl0=",
|
"narHash": "sha256-emjtIeqyJ84Eb3X7APJruTrwcfnHQKs55XGljj62prs=",
|
||||||
"owner": "NixOS",
|
"owner": "NixOS",
|
||||||
"repo": "nixpkgs",
|
"repo": "nixpkgs",
|
||||||
"rev": "2627c4b795107ba94562626925f5a9a2bc62ebc6",
|
"rev": "1bd4bbd49bef217a3d1adea43498270d6e779d65",
|
||||||
"type": "github"
|
"type": "github"
|
||||||
},
|
},
|
||||||
"original": {
|
"original": {
|
||||||
|
|||||||
@ -132,11 +132,7 @@ in {
|
|||||||
services = {
|
services = {
|
||||||
zfs.autoScrub.enable = true;
|
zfs.autoScrub.enable = true;
|
||||||
xserver.videoDrivers = [ "nvidia" ];
|
xserver.videoDrivers = [ "nvidia" ];
|
||||||
openssh = {
|
openssh.enable = true;
|
||||||
enable = true;
|
|
||||||
passwordAuthentication = false;
|
|
||||||
challengeResponseAuthentication = false;
|
|
||||||
};
|
|
||||||
smartd.enable = true;
|
smartd.enable = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@ -3,7 +3,23 @@
|
|||||||
enable = true;
|
enable = true;
|
||||||
package = pkgs.fail2ban;
|
package = pkgs.fail2ban;
|
||||||
packageFirewall = pkgs.nftables;
|
packageFirewall = pkgs.nftables;
|
||||||
|
banaction = "nftables-multiport";
|
||||||
|
banaction-allports = "nftables-allport";
|
||||||
bantime-increment.enable = true;
|
bantime-increment.enable = true;
|
||||||
ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
|
# ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
|
||||||
|
daemonConfig = ''
|
||||||
|
[Definition]
|
||||||
|
loglevel = INFO
|
||||||
|
logtarget = SYSLOG
|
||||||
|
socket = /run/fail2ban/fail2ban.sock
|
||||||
|
pidfile = /run/fail2ban/fail2ban.pid
|
||||||
|
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
|
||||||
|
'';
|
||||||
|
jails = {
|
||||||
|
sshd = ''
|
||||||
|
maxretry = 3
|
||||||
|
mode = aggressive
|
||||||
|
'';
|
||||||
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user