haschel/modules/fail2ban.nix
Atridad Lahiji 2b7c094627
Some checks failed
Deploy NixOS / deploy (push) Failing after 23s
Fail2ban
2026-02-14 16:38:11 -07:00

73 lines
1.4 KiB
Nix

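# NixOS module: fail2ban with one SSH jail and three nginx jails.
#
# Global defaults are set first; each jail then repeats its own thresholds so
# the effective values are visible next to the filter they apply to.
{ config, pkgs, lib, ... }:
{
  services.fail2ban = {
    enable = true;

    # Base ban length for a first offence.
    bantime = "1h";

    # Escalate bans for repeat offenders. `factor` scales the growth and
    # `maxtime` caps it (168h = 7 days).
    bantime-increment = {
      enable = true;
      maxtime = "168h";
      factor = "4";
    };

    maxretry = 5;

    # NOTE(review): confirm that the nixpkgs revision in use declares
    # `services.fail2ban.findtime`. If it does not, evaluation fails on this
    # line; every jail below already sets its own findtime.
    findtime = "10m";

    # Sources that are never banned: IPv4/IPv6 loopback plus 100.64.0.0/10.
    # NOTE(review): 100.64.0.0/10 is the shared (CGNAT) address space, also
    # used by some overlay VPNs. Any client whose address falls in this range
    # is exempt from every jail, so confirm it only covers trusted peers here.
    ignoreIP = [
      "127.0.0.0/8"
      "::1"
      "100.64.0.0/10"
    ];

    jails = {
      # SSH brute-force protection. The aggressive mode of the stock sshd
      # filter matches a wider set of failure messages than the default mode.
      # No logpath is set, so this jail uses the module's default log backend.
      sshd = {
        settings = {
          enabled = true;
          port = "22";
          filter = "sshd[mode=aggressive]";
          maxretry = 5;
          findtime = "10m";
          bantime = "1h";
        };
      };

      # The three nginx jails read plain log files. The NixOS fail2ban module
      # defaults jails to the systemd journal backend, under which `logpath`
      # is not read, so each of them selects a file-capable backend
      # explicitly. Without it the jails start but never match anything.

      # Requests for well-known probe paths, taken from the access log.
      nginx-botsearch = {
        settings = {
          enabled = true;
          port = "http,https";
          filter = "nginx-botsearch";
          logpath = "/var/log/nginx/access.log";
          backend = "auto";
          maxretry = 5;
          findtime = "10m";
          bantime = "1h";
        };
      };

      # Failed HTTP basic-auth attempts, which nginx writes to the error log.
      nginx-http-auth = {
        settings = {
          enabled = true;
          port = "http,https";
          filter = "nginx-http-auth";
          logpath = "/var/log/nginx/error.log";
          backend = "auto";
          maxretry = 5;
          findtime = "10m";
          bantime = "1h";
        };
      };

      # Malformed requests. Thresholds are deliberately more lenient than the
      # other jails (15 hits, 30m ban) to limit bans caused by broken clients.
      nginx-bad-request = {
        settings = {
          enabled = true;
          port = "http,https";
          filter = "nginx-bad-request";
          logpath = "/var/log/nginx/access.log";
          backend = "auto";
          maxretry = 15;
          findtime = "10m";
          bantime = "30m";
        };
      };
    };
  };
}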