peperunas/nixos
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
96bca243fb
nixos/hosts/architect/fail2ban.nix
Giulio De Pasquale 2ea01ff3e9 a lot of things...?
2021-08-07 13:38:18 +02:00

27 lines
666 B
Nix
Raw Blame History

{ config, pkgs, ... }:
{
services.fail2ban = {
enable = true;
package = pkgs.fail2ban;
packageFirewall = pkgs.nftables;
banaction = "nftables-multiport";
banaction-allports = "nftables-allport";
bantime-increment.enable = true;
# ignoreIP = [ "10.0.0.0/24" "10.3.0.0/24" ];
daemonConfig = ''
[Definition]
loglevel = INFO
logtarget = SYSLOG
socket = /run/fail2ban/fail2ban.sock
pidfile = /run/fail2ban/fail2ban.pid
dbfile = /var/lib/fail2ban/fail2ban.sqlite3
'';
jails = {
sshd = ''
maxretry = 3
mode = aggressive
'';
};
};
}
Reference in New Issue View Git Blame Copy Permalink