spoody/server-configuration
spoody/server-configuration
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

fail2ban

Browse source
This commit is contained in:
baritone 2025-03-04 00:43:56 +01:00
parent bb3fd6ee57
commit 659014a05f
2 changed files with 25 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
configuration.nix
View file

@ -7,6 +7,7 @@
./services/jellyfin.nix ./services/jellyfin.nix
./services/website.nix ./services/website.nix
./services/mailserver.nix ./services/mailserver.nix
./services/fail2ban.nix
./services/misc.nix ./services/misc.nix
./modules/git.nix ./modules/git.nix

26
services/fail2ban.nix
View file

@ -1,4 +1,26 @@
{...}: {config, ...}: {
{ services.fail2ban = {
enable = true;
jails = {
dovecot = lib.mkIf config.services.dovecot2.enable {
settings = {
# block IPs which failed to log-in
# aggressive mode add blocking for aborted connections
filter = "dovecot[mode=aggressive]";
maxretry = 3;
};
};
jellyfin = lib.mkIf config.services.jellyfin.enable {
backend = "auto";
enabled = true;
port = [80 443];
maxretry = 3;
bantime = 86400;
findtime = 43200;
logpath = "/var/lib/jellyfin/log/*.log";
};
};
};
} }