27 lines
637 B
Nix
27 lines
637 B
Nix
{config, ...}: {
|
|
services.fail2ban = {
|
|
enable = true;
|
|
|
|
jails = {
|
|
dovecot = lib.mkIf config.services.dovecot2.enable {
|
|
settings = {
|
|
# block IPs which failed to log-in
|
|
# aggressive mode add blocking for aborted connections
|
|
filter = "dovecot[mode=aggressive]";
|
|
maxretry = 3;
|
|
};
|
|
};
|
|
|
|
jellyfin = lib.mkIf config.services.jellyfin.enable {
|
|
backend = "auto";
|
|
enabled = true;
|
|
port = [80 443];
|
|
maxretry = 3;
|
|
bantime = 86400;
|
|
findtime = 43200;
|
|
logpath = "/var/lib/jellyfin/log/*.log";
|
|
};
|
|
};
|
|
};
|
|
}
|