fail2ban on rackserv
This commit is contained in:
parent
a1dc18d3c8
commit
85962b9344
SSH key fingerprint:
SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
2 changed files with 13 additions and 4 deletions
|
|
@ -1,10 +1,6 @@
|
|||
{
|
||||
lib,
|
||||
pkgs,
|
||||
inputs,
|
||||
systemProfiles,
|
||||
specialArgs,
|
||||
self,
|
||||
...
|
||||
}: {
|
||||
imports =
|
||||
|
|
@ -13,6 +9,7 @@
|
|||
inputs.impermanence.nixosModules.impermanence
|
||||
inputs.disko.nixosModules.disko
|
||||
./disk-config.nix
|
||||
./fail2ban.nix
|
||||
]
|
||||
++ (map (x: systemProfiles + x) [
|
||||
/core/security.nix
|
||||
|
|
|
|||
12
sys/machines/rackserv/fail2ban.nix
Normal file
12
sys/machines/rackserv/fail2ban.nix
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
{
|
||||
services.fail2ban = {
|
||||
enable = true;
|
||||
ignoreIP = ["100.64.0.0/10"]; # tailscale
|
||||
bantime = "1h";
|
||||
bantime-increment = {
|
||||
enable = true;
|
||||
maxtime = "168h";
|
||||
factor = "4";
|
||||
};
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue